L2 Security Incident Response Analyst Porto

L2 Security Incident Response Analyst
Porto
Porto, Porto District, Portugal

Direct message the job poster from Decskill

Decskill, founded in 2014 as an IT Consulting Company, places paramount importance on its greatest asset: its people. Our main mission is to deliver value through knowledge and talent, and we achieve this by fostering a culture of excellence and investing in the development and
- being of our people. With over 600 dedicated professionals and offices in Lisbon, Porto, Madrid, and Luxembourg, Decskill operates across three core areas:

Decskill Talent: We believe that our people are key to our success. Through Decskill Talent, we empower our team to embrace the digital transformation challenges of our clients. We collaborate with clients to drive innovation, ensuring project success and business growth.

Decskill Boost: Equipping our team with the latest tools and methodologies, we optimize Time-to-Market and deliver innovative solutions exceeding client expectations.

Decskill Connect: Our team collaborates closely with clients to implement and manage IT infrastructures that generate
- term value.

At Decskill, we believe that by nurturing and empowering our people to confront the challenges of digital transformation, we create value not only for our clients but also for our entire ecosystem, fostering a digital community dedicated to growth and progress.

We are looking for a L2 Computer Security Incident Response (CSIRT) Analyst for a hybrid project based in Porto or Lisbon (2x/Week).

Responsibilities:

• Handling of
  - investigations provided by Cyber
  SOC
  - cases and DLP detection systems;
• Analyze the effectiveness of existing DLP controls and continuously seek improvement in technical/functional and process;
• Contribute to Cyber
  SOC
  - case development and optimization;
• Monitor DLP related events, conduct investigations and respond to data leakage incidents according to internal procedures (including interviews with key contributors, i. e. HR, Procurement, DPO, …);
• Develop and enhance data protection policies and rules across the various systems, manage exceptions;
• Respond to and facilitate e
  Discovery requests from IT Security, HR, Legal and Compliance;
• Maintain accurate and detailed records of incidents in the group GRC tool;
• Assist in governance by delivering detailed reports and KPIs;
• Contribute to cybersecurity governance, including delivering reports and KPI related to the activity, including PCC;
• Quickly escalate complex incidents to Level 3 CSIRT Analysts, ensuring that all relevant data and preliminary findings are accurately communicated to facilitate further analysis;
• Contribute to industrialization/formalization of Cyber Defense processes and effectiveness;
• Provide analysis and expertise on
  - incidents, including
  - cause analysis by identifying preventive measures.

Requirements:

• Event & Incident monitoring and response (identify, alert and contain);
• Cybersecurity - general knowledge in logs analysis and general knowledge regarding endpoints security (e. g. , EDR solution);
• Scripting language (Python);
• SIEM (Security Information Event Monitoring), SOAR (Security Orchestration, Automation and Response), DLP (Data Loss Prevention).

If you’re interested in this job please send your CV to carolina. novais@decskill.com with reference CN/CSIRT.

Decskill is committed to equality and
- discrimination with all our talents. We recruit and promote talent based on diversity and inclusion, regardless of age, gender, ethnicity, race, nationality, or any other form of discrimination incompatible with the dignity of the human being.

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology

Industries

• IT Services and IT Consulting