Junior Security Engineer

Detalhes da Vaga

Natixis in Portugal Global Financial Services is the global arm of Groupe BPCE. It comprises two businesses – Asset & Wealth Management and Corporate & Investment Banking – that support their clients in facing today's major environmental, technological and... Founded in 2015, BPCE Infogérance & Technologies is a subsidiary of Groupe BPCE, dedicated to Infrastructures, End-User Environment, Security and Production. Driven by growth, expertise, transformation and agility, this project embraces an international mindset and a diverse skill set. You'll find yourself in a dynamic and enriching workplace or, as we like to name it, a real tech playground, where you'll be able to explore a huge tech stack.
Job Description We are looking for a Junior Security Engineer (local contract) to join our BPCE IT business Unit.
Integrated within the Security Operation Center (SOC) BPCE-IT, the Blue Team is the first line of defense, responsible for defending the enterprise's use of information systems by maintaining its security posture against attackers.
The main activities are the ones below:
Detection, categorization and investigation of infrastructure, applications and security incidents
Vulnerability management on critical vulnerabilities (handling, categorization and follow-up)
Implementation of detection scenarios and treatment of associated alerts
The Junior Security Engineer is responsible for monitoring and analyzing the organization's networks and systems on a daily basis to detect, identify, investigate, and mitigate potential threats. They must be able to identify anomalous behavior, recognize patterns of malicious activity, and take appropriate corrective action.
In addition to their daily duties, the Junior Security Engineer will provide recommendations for improving security posture and assist with incident response plans, policies, and procedures. Some additional responsibilities may include recommending tools or solutions, participating in audit activities, providing reporting on security events/incidents and collaborating with other teams across the organization.
Missions:
The candidate will have 3 main missions:
1) Analysis:
Participation in improving correlation and log analysis rules
Conduct investigations and research including statistics
Interpret or perform first level (Sandbox or manual) minimum scans on malicious codes
Improve our Threat Intelligence activity
2) Handling incidents:
Creating, and managing service requests via our ticketing tools (ServiceSnow / SecOps / TheHive)
Qualify and analyze these elements to determine the cause of the incident, the mode of operation of the attack (vulnerabilities use, tactics, technics), the scope and the perimeter of compromise
3) Training:
Knowledge transferring in-house and writing documentation
Apart from these activities the candidate will have to maintain and develop his expertise:
in techniques and tools of digital investigation
methods and tools for analysis (monitoring, training, international conferences, etc.)
Qualifications The candidate must be operational on the security tools used in the BPCE IS and the architectures in place.
Knowledge in most of the following technical areas, keeping in mind that no one is an expert in every topic.
The ideal candidate should have problem-solving skills and a background in cybersecurity engineering.
Knowledge of the operating principles of Information Monitoring and Security Event Solutions (SIEM).
Experience of Splunk and Regex search syntax.
Experience of theHive.
3) SYSTEM/NETWORK
Knowledge of network and system architectures
Knowledge of the operation of intrusion detection probes and event log correlation tools
4) SECURITY:
Knowledge of Mitre Attack framework and counter measures link to the technics and tactics
Knowledge of Information monitoring and analysis tools and methods.
Knowledge of the security standards for different technologies (web servers, messaging, database, DNS, proxy, firewall, etc.)
Have knowledge on one or more of the following topics: Web application vulnerabilities
Malware types (rootkit, ransomware, botnet, etc.)
Obfuscation and persistence technics (cryptography, packing, etc.).
Digital investigation/analysis tools
SandBox behavioral

Other requirements :
Good level of English – minimum B2 level;
Good level of French - minimum B1 level;
Ability to keep up with a demanding and fast-paced environment;
Good priority definition skills;
Know how on implementing pedagogy methods;
Ability to work in a team.
Additional Information At Natixis, we are committed to fostering a working environment where each and every one of our people is treated with dignity and respect and where every voice is heard. Our differences make us collectively stronger and are a source of fulfilment, innovation and performance.
In the framework of its Diversity, Equity & Inclusion policy, Natixis in Portugal has implemented a Blind CV Screening process, with the purpose of reducing hiring bias. A blind CV excludes any personal details which refer to the applicant's gender, age or ethnicity. When applying for our positions, please submit a blind CV, that is, with no picture, name, gender, age, nationality, ethnicity and address. Your personal statement, work experience, courses and certifications, education, skills and contact information is what matters to us.

#J-18808-Ljbffr


Salário Nominal: A acordar

Fonte: Allthetopbananas_Ppc

Função de trabalho:

Requisitos

Senior Data Engineer

.The payments market is the most exciting technology market in the world today for good reason. McKinsey values it globally at over $2 trillion and it's grow...


Planet Paymet - Porto

Publicado a month ago

Administrador(A) De Sistemas & Pré-Vendas

Administrador(a) de Sistemas & Pré-vendasEstás à procura de uma oportunidade para integrar um projeto de telecomunicações líder no mercado B2B? Queres fazer ...


Dellent Consulting - Porto

Publicado a month ago

Accessibility Qa Engineer

Accessibility QA Engineer - Devexperts CareerCompany DescriptionDevexperts has been working for nearly two decades consulting and developing for the financia...


Devexperts Llc - Porto

Publicado a month ago

Redhat Openshift Platform Administrator (M/F) – Hybrid (Porto)

Match Profiler is an Information Systems consulting firm, working in the national and international market since 1999. We are empowered with multidisciplinar...


Match Profiler - Porto

Publicado a month ago

Built at: 2024-11-13T13:37:59.456Z