PURPOSE:As Information Security Analyst
you plan and carry out security measures to protect AS Roma organization’s computers, networks and systems.
will review alerts, threat intelligence and security data, identify threats that have entered the network and security gaps and vulnerability currently known. In this role, you
will identify cyber security, spam and phishing events, according to documented procedures and industry best practices, as reported by SIEM/Log Systems and security tools and consoles: one of the purposes is to identify which event is a cyber security incident and to report GDPR-related events to the DPO as well.
Examples of specific responsibilities are:
- Monitoring and improving security access and rules
- Detecting, managing and containing security incidents
- Creating and updating the company’s incident response and disaster recovery procedures
- Conducting security assessments through vulnerability testing and risk analysis
- Performing both internal and external security audits
- Developing security standards, providing security recommendations for IT initiatives
- Assist with security awareness training
You must have experience in both Linux and Windows operating systems, for both on-premises & cloud architectures. Requests in detail are:
Preferred Professional and Technical Expertise:
- A scientific degree such as Cybersecurity, Computer Science, Engineering, or a knowledge of computer security acquired during your studies
- At least 3-years’ experience in a similar role
- Strong knowledge of TCP/IP protocol and related potential security exposures
- Experience on identification of common cyber security threats affecting Microsoft Windows systems, UNIX systems, application and network devices
- Experience in analysis and inspection of log information, packets, and other security tool information outputs from a variety of sources
- Experience with various log management, anti-malware, antivirus, spam & phishing management tools
- Experience on GDPR-related events triage and notification
- Knowledge of data protection regulation key principles
- English language at B2 level or above is required (fluent English language, both written and spoken)
Nice to have:
- Solid experience with Fortinet Firewalls and IPS.
- Experience with Crowdstrike security platform.
- Good knowledge of MS AD, Azure and O365 administration
- Ethical hacking and penetration testing skills
- Experience with log search tools, usage of regular expressions and natural language queries
- Knowledge of common security frameworks (ISO 27001, COBIT, NIST)
Are you interested? Send your resume!
If we do not contact you within 15 days, please consider the job search closed.