Job Description
About Us
As a leading business in secure financial transaction processing, security is at the core of Isabel.
The Infrastructure Security Analyst plays an important role in Isabel's Operational Security team to ensure the confidentiality, integrity and availability of all Isabel information.
Key Responsibilities
The Infrastructure Security Analyst will provide specialist support within the security team for all matters relating to the monitoring, detecting, and reporting of cyber security related events coming from Isabel's networks, our partners, and customers. This position will serve in an advisory role in matters of cyber security to the organization and will have a supporting role in the development, issuance and maintenance of the detailed security strategies and policies.
The Infrastructure Security Analyst will support incident handling activities throughout the incident response and forensic analysis process (handling compromised machines and/or supporting HR/Ethics/Legal cases). The Infrastructure Security Analyst will be responsible for successfully leveraging security data from internal (logs, firewalls, hosts, etc.) and external (Industry portals, mailing lists, newsgroups, etc.) sources in an effort to implement effective mitigations to protect Isabel's network perimeter.
Core Responsibilities:
* Provide specialist support for monitoring, detecting, and reporting of security related events coming from a large variety of sensors.
* Ensure 24/7 security event analysis activities.
* Perform technical coordination internally and externally as required.
* Provide technical support to forensic investigations.
* Develop and maintain customized sensor and correlation filters and signatures to address Isabel-specific threats and vulnerabilities.
* Monitor all detection capabilities to ensure their expected performance.
* Conduct and direct technical aspects of trend and threat analysis in order to optimize Isabel's sensors and to propose modifications to audit policies.
* Provide technical expertise on the operational processes of the different areas of cyber security.
Requirements
This position requires an understanding of networking, cloud, system administration, architectures, and security elements, including firewalls, intrusion detection systems, routers and proxies. This position requires the ability to work independently and in collaboration with the rest of the SecOps team. The Infrastructure Security Analyst is also required to produce cohesive technical intelligence reports, and the ability to adhere to the highest standards of ethics and professional conduct is an absolute must.
Education and Experience
Educated to degree level with a specialization in information security or information technology, or relevant experience in the domain.
Proven information security background with at least 5 years' experience in a similar role or 3 years with a Master's Degree in a relevant field.
Required Skills
* Fluency in English and in at least one of the local languages (French and / or Dutch)
* Strong communication skills - both written and verbal
* Ability to work independently and work well under pressure
* Deep understanding of information security tools and processes
* Experience with network equipment, routers, switches, firewalls (at least one of the following: Palo Alto, Cisco, Checkpoint)
* Hands-on knowledge of cloud security in one of AWS, Azure, or GCP, and security of MS 365 (including MS 365 Defender)
* SIEM use case development in Splunk ES, Elasticsearch, Azure Sentinel, or ArcSight
* Good understanding of networking, system administration, architectures, and security elements
* System security (Linux or Windows)
* Experience with host- and network-based forensics
* Programming/scripting experience (Python, PowerShell, Golang, ...)
* Technical knowledge in network security products, cryptographic suites
Desired Skills
* Experience working in a SOC
* System and Network Vulnerability Assessment
* Automation of security monitoring and response (e.g. Phantom, Cortex, ...)
* Experience working in a DevOps environment (Ansible, Terraform, GitLab runners, Vault, Harbor)
* Secure Development Life Cycle knowledge and code review tools like Fortify, ...
* Setting web proxy policies/configurations (e.g. Palo Alto, Bluecoat, F5 ...)
* Physical/Data Link Layer, Dynamic routing (BGP, MPLS...)
* Enterprise DNS management (Infoblox)
* Knowledge of Kubernetes and Docker