Cyber Defense Analyst @ leading digital accelerator
Comprehensive IT baseline protection is one of the core success factors for companies that want to be successful in the long term. But hardly any other environment is as dynamic as the demands placed on IT security.
As businesses leverage digitalization opportunities, their cyber-attack surface structurally increases, which can lead to business disruptions and data breaches. High-profile industry incidents show that these risks are real.
T-Systems is taking action to respond to and provide service against the continuous flow of these types of attacks, and we need a Cyber Defense Analyst like you to join our team.
About the role and function
You will be a member of the T-Systems Security & Compliance flex organisation of a global customer unit (Energy / Oil & Gas) which provides IT services to one of the world’s leading energy enterprises.
You will be the interface for all aspects of threat, vulnerability, and security incident management for the customer and internal units.
Your role is that of an enabler. The role supplies means, knowledge or opportunity for delivery teams to provide services according to T-Systems security standards and additional customer security requirements.
You will support customized services for the customer, such as security investigations and security emergency response. Flexible work schedules – regular communication with partners in European, Asian and US time zones in a hybrid work environment.
Key responsibilities include:
Stay up to date on emerging Threat Management IT risks and react accordingly by informing relevant T-Systems and customer stakeholders
Take measures to protect the customer and T-Systems from adverse impact on IT and business operations via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Evaluate the potential for a threat-source to successfully exploit information system vulnerabilities
Ensure that vulnerabilities are discovered as early as possible
Ensure that discovered vulnerabilities are addressed in a timely manner according to customer requirements and T-Systems standards
Support the Customer Security Operations Center in assessing Events of Interest (EOI) related to services delivered by T-Systems.
Support the Customer Security Operations Center in optimizing customer monitoring procedures
Report and handle security incidents according to customer requirements and the T-Systems security incident management process
Drive root cause analysis and follow up with improvements of existing controls or advise on new controls as needed
Perform detailed incident investigations including forensics and interviews
Provide security consultancy to delivery teams (focus on threats and vulnerabilities)
Prepare and maintain Emergency Response plans for most likely scenarios
Ensure service level reporting in the area relevant to Cyber Defense is correct. Anticipate performance issues and agree on corrective action plans with the responsible Service Delivery Managers and/or production teams.
Qualifications and Skills:
Minimum of a Bachelor's degree in an IT-related field or a comparable professional education.
At least 3 years' experience in a full-time IT Security position in an enterprise environment.
Proven work experience in Security Incident Management
Professional certification in IT security or information security risk management (CISSP or comparable) or comparable work experience.
Several years' experience in working with virtual teams across multiple time zones
Self-reliant in planning and execution of tasks according to defined targets and strategic objectives
Technical knowledge of Internet security, networking protocols, and related technologies (Firewall, IPS/IDS)
Basic understanding of Windows, Linux and network device monitoring and logging techniques
Experience with Security Monitoring (SIEM technology and Security Operations Center)
Experience with IT control frameworks
Basic Cloud security knowledge
Basic understanding of Identity and Access Management concepts
Excellent problem solving, critical thinking, and analytical abilities.
Excellent communication and presentation skills. Ability to effectively communicate, both orally and in writing, through all levels of the organization.
Advantages:
Professional certifications in the area of security incident handling; any advanced security certificate is a plus
Professional experience in an IT Operations or Service Management role
Professional experience with IT control frameworks, either as a control responsible or in an audit function.
Professional experience as an ethical hacker or penetration tester
Forensics
Professional experience with Unix
Web Application Security
Security in Application Operations
ITIL Foundation and Service Management
SAP Knowledge
Experience in agile development and/or operations.