Security Operations Engineer

May 14, 2024
Bucharest, Romania
Not specified
Intermediate
Full time
Office work

The EA Security team protects EA by reducing our exposure to security risks. We raise risk awareness for the entire company and provide measured, proportionate security and risk management controls, services and solutions. We also ensure that EA meets all required security standards as defined by various regulatory bodies. Keeping EA safe isn’t a game; join us as we keep the future of play secure for everyone. 

Position Overview

Provide 24x7 monitoring for security alerts and incidents (eyes on the glass).

Work with different security tools to analyze data and confirm or rule out an incident. Assist with all Intellectual Property incidents.

The security operations analyst is the first point of contact for any EA internal security inquiries and works with all security pillars and IT departments to resolve ongoing security incidents.

Participate in building new detections based on trends observed and create searches, visualizations, dashboards and alerts.

Responsibilities:

  • Monitor, detect and investigate security alerts received in the Security Information and Event Management (SIEM) platform from security tools such as EDR, IDS/IPS, SaaS, IaaS, and malware content protection tools.
  • Track the potential security incidents detected and reported within the dedicated ticketing platform.
  • Take ownership and drive the resolution on current security alerts/incidents.
  • Daily follow-up on outstanding cases.
  • Coordinate with other departments within EA to help resolve or escalate security alerts.
  • Investigate incidents detected in the SIEM and reported by users over email/Slack.
  • Suggest improvements to ongoing processes and workflows.
  • Assist with security tools/endpoint agent deployments.
  • Meet the SLAs for internal tickets and track the SLA for tickets opened to other teams.
  • Assist with the internal vulnerability scans.
  • Send security notifications to the users when required.
  • Support security automation tools with information on new incident types/patterns observed.
  • Provide root cause analysis where possible.
  • Escalate incidents/alerts to the next level according to agreed workflows.
  • Provide support services to internal users for endpoint solutions deployed.
  • Work with different tools to get the required information to resolve an incident.
  • Investigate cloud logs to detect anomalies.
  • Test new security alerts that are candidates for 24x7 monitoring.
  • Propose new security alerts for implementation.

Required Skills:

  • Understanding of Security principles and knowledge of security techniques and technologies.
  • Experience with virtual environments (any of ESX, QEMU, VirtualBox etc.).
  • Experience with Endpoint protection solutions.
  • Basic Active Directory knowledge.
  • Incident Response experience/knowledge.
  • Basic Networking knowledge.
  • Cloud knowledge.

Nice to Have Skills:

  • Scripting languages knowledge (any of bash, python, PowerShell, etc.).
  • Experience with Security Information and Event Management (SIEM) tools.
  • Any network/security certification (CompTIA Security+, CEH, CCNA, etc.).
  • Linux certifications (LPIC1, LFCE, etc.).