Taegis - ManagedXDR Senior Advisor - Secureworks - Bucharest, Romania in Bucuresti

Company DescriptionSecureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected world. Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. We see billion events every day across clients in more than 55 countries, and our solutions work across all the layers of a client’s security environment, including different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused % on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company’s leadership in the cyber security industry.Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.Role OverviewBe part of an exciting team that deals with bleeding-edge information security attacks, malware infections, and incident response situations on a daily basis. Protecting our clients from threat actors attempting to compromise their environments.Working as a Senior Advisor in a security operations center environment with other security and networking professionals, you will extend your currently existing network and endpoint security investigation analysis skillset through identification, assessment, review and authoring of incident reports in a variety of client environments. You will actively investigate threat actor activity, malware infections, living off the land attacks, as well as a variety of other security incidents and provide clients with the impact of the threat, your assessment of the incident, as well as recommendations.Role ResponsibilitiesReview security-related events and assess their risk and validity based on available telemetry from network, endpoint, and global threat intelligence information in order to provide clients with concise, detailed, and well-written incident reports, root causes identification, and remediation recommendationsProvide customers with understandable context around their security environment and threatsInterface with clients to address their issues, concerns, and questions, and drive to satisfactory closure any issues that impact the service and its valueWork with client and internal SecureWorks incident response teams to resolve ongoing intrusions, malware outbreaks, and other security incidentsProvide mentorship to SecureWorks team members and clients on security strategy, tactics, techniques, and proceduresUse the Secureworks platform to proactively hunt for and investigate activity within the client environmentUse experience gained during incident investigations as well as malware and exploit analysis to contribute to the development of indicators of compromiseAct as first point of coordination for escalations coming on shift directly from customers via chat, tickets, investigations, (with support from manager)Act as shift coordinator by prioritizing the tasks, activities, internal and external client’s requestsProvide support for all other teams involved in the delivery of the service whenever they have questions or requests from customers.Collect and validate flows/processes/tools issues reported by his shift and present them to the managerInvolve in technical assessments, coaching and/or development of training programs for the team membersTracking and reporting of KPIsRequirementsExperience, Skills and AbilitiesExperience with and strong understanding of:Performing both endpoint and network-based investigationsReviewing logs to identify evidence of past intrusionsPivot off indicators within networks to identify the scope and breadth of attacksMalware and exploit kit functionalityOperating system and application exploitsLateral movement, living-off-the-land, and persistence establishment mechanismsDetection of anomalous system activityThreat hunting methodologiesIncident response and incident handling processesSkills and/or abilities required to perform the essential functions of the jobAbility to research and characterize security threats including creating appropriate countermeasuresAbility to write scripts to automate new and existing tasksStrong technical communication skills, both written and verbalAttention to detail and great organizational and time management skillsExcellent problem solving skills that would allow for the ability to diagnose and troubleshoot technical issuesClient-focused with a passion for delivering service excellenceCourage and willingness to challenge conventional wisdomGreat leadership and coaching skillsCommunication - The ability to make himself well understood by others through the capacity to clearly and convincing express his point of view, to actively listen and control the conversation flow)Risk assessment and decision making -The ability to analyze within reason facts and situations, decision making, evaluating consequences of others and undertake acceptable risksInfluencing - the ability to convince others of his opinions and determine them to followTask management and planning - The ability to effectively set an adequate action plan for himself/herself and for others, in order to reach a goalStrong sense of urgency and ability to work under pressurePossess high standard of integrity and confidentialityEducation/Experience5 + years of relevant experience or equivalent combination of education and work experience:Completion of a Bachelor’s degree or equivalent program in Computer Science, Network Security, Information Security or other applicable field and 5+ years of work experience in the fieldCertificationsIndustry certification from vendors: ISC2, GIAC, EC-Council, Cisco, Juniper, CompTIA, ITIL, Unix, Microsoft, Oracle, etc.(eg: GCIA, GWAPT, GCIH, GCFA/GCFE, GREM, OSCP/OSCE, eLearn THP or similar certification preferred)LanguageEnglish - Very strong verbal and written skillsLocationsBucharestWork scheduleSpare roleJob Duty Differentiators Mentor and train new hires to support business growth and a high-quality of service Handle customer requests in a timely and detail-oriented fashion in order to resolve a multitude of information security related incidentsDevelop processes and procedures to enhance our capabilities to deliver the service.Job Scope Differentiators Experienced AnalystExperienceFunctionalLeadership​SkillsTechnicalFunctionalLeadershipSignificant knowledge and application of end point securitySignificant knowledge of adversarial attack methods and technologies.Knowledge of network security that pertains to communications, computer system environments and related infrastructures.Competencies Thorough knowledge of globally accepted information security Principles