Role: Service Lead (Cyber Security)
Location: Frankfurt, Germany
Duration: 6 months (rolling contract)
Start Date: ASAP
We have a client who is one of the fastest growing IT services companies. Their services span application management outsourcing, packaged application services, verification and testing, remote infrastructure management, product development and support. This specific role will be working with one of their automotive clients, a manufacturer that also offers financial and mobility services. We are looking for an onsite, Frankfurt-based freelance Service Lead with 10+ years' experience to join their team ASAP.
You will be:
- General SIEM monitoring, analysis, content development, and maintenance
- Monitor a strategic, comprehensive corporate, commercial and federal information security monitoring and operation program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization
- Daily security activities related to the protection of corporate and other federal assets including scanning tools and ticketing systems documenting the identification and remediation process for identified system flaws
- Provide information to system owners of flaws identified within that group's responsible systems.
- Ensure that IBM Cloud is in compliance with all applicable Federal, IBM Internal and industry standard directives and policies regarding securing and monitoring of information systems
- Assist in risk assessment duties including reporting and oversight of remediation efforts
- Research, analysis, and response for alerts; including log retrieval and documentation
- Conduct analysis of network traffic and host activity across a wide array of technologies and platforms
- Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
- Enterprise-level experience managing the remediation of vulnerabilities in two or more of the following areas:
  - Server Operating Systems (Windows Server, Red Hat, CentOS)
  - Network (Cisco, Palo Alto, F5, McAfee)
  - Storage (NetApp, CleverSafe)
- Manage multiple projects with various priority levels and timelines from start to finish
- Develop and maintain accurate documentation for internal procedures and services
- Maintain knowledge of outstanding vulnerability management issues and ensure remediation timelines are completed by required guidelines
- Thorough understanding of how to calculate CVSS v2 and v3 adjusted scores
- Must collaborate with other departments to resolve complex issues and be detail oriented
- Ability to automate solutions to repetitive problems/tasks
- Overall 5+ years of relevant cyber security experience in IT Security, Incident Response or network security with strong knowledge working in a Security Operations Center
- Experience with: SIEM (QRadar, Splunk, Nitro, etc.), SOAR (Resilient, Demisto, ServiceNOW, etc.), Ticketing (JIRA, ServiceNow, Remedy, etc.)
- Minimum 3+ years' experience in Security Operation centre with SIEMs or 3+ years of applicable experience with Linux/UNIX systems in a production environment
- Knowledge of generic information security standards/programs. Understanding of basic network concepts, familiarity with TCP/IP and VLAN functionality
- Experience with risk management, vulnerability management, threat analysis, security auditing, security monitoring, incident response and other information security practices preferred
- Expertise in Security Device Management SIEM, QRadar, incident response, threat hunting, use case engineering, SOC analyst, device integration with SIEM
- Excellent customer service and communication skills
- Daily activities include:
  - Operation of various scanning tools in use
  - Assessment and analysis of data collected from scan tools
  - Tracking and reporting on discovered vulnerabilities and remediation efforts
  - Identification of overdue system remediation efforts
  - Sourcing and tracking of public and pre-embargoed vulnerability disclosure sources
  - Analysis and reporting of all applicable publicly disclosed zero-day vulnerabilities
  - Coordination with system owners to identify and remediate scan problems
  - Coordination with system owners to provide requested details about scan findings, scan methodologies and remediation recommendations
  - Assisting Program Managers with reporting and continuous motion on remediation efforts
- Lead small teams of 2-4
- Excellent analytical and troubleshooting skills as well as verbal and written communication
- Creative thinking in implementing service improvements (automation, incident reduction, etc.).
- Willingness and flexibility to learn new technologies, scale up quickly and adapt to different roles as the situation demands
At Talent, we lead the way when it comes to diversity and inclusion hiring practices. We strive to help our clients build their teams - creating diverse and inclusive cultures. With our human centric approach to recruitment, we are committed to hiring, developing and retaining exceptional people regardless of race, colour, religion, sex, sexual orientation, age, marital status, disability or gender identity. Put simply, we give a damn.
Sounds like you? Apply here and we will have a call to discuss the specifics if your profile is a match!