Full-Time Internal Security Analyst
NOTE: This job listing has expired and may no longer be relevant!
Scytl is the global leader in secure election management and electronic voting solutions. Specializing in election modernization technologies, Scytl offers the first end-to-end election management and voting platform, providing the highest security and transparency standards currently available.
Scytl has capitalized on its more than 18 years of research to develop election-specific cryptographic security technology protected by more than 40 international patents and patent applications, positioning Scytl as the company with the largest patent portfolio of the industry.
Scytl’s solutions have been successfully used in more than 20 countries throughout the world over the last 10 years, including Canada, the United States, Mexico, Ecuador, France, Norway, Switzerland, Bosnia-Herzegovina, the UAE, India and Australia. Scytl is headquartered in Barcelona, Spain with strategic offices in Canada, the United States, Peru and Greece as well as field offices in the UK, Ukraine, Malaysia, India and Brazil.
Reporting to the Director of Security, the Internal Security Analyst Security Operations Center (SOC) role will suit someone with experience as security consultant or security auditor, willing to develop his/her career in computer security with a strong security mindset.
This will include, but not be limited to:
- Full responsibility on the internal network security.
- Analysis of potential security incidents. As a second level of security monitoring, research any suspicious security event and investigate its source.
- Retro feedback of the security monitoring rules and the monitoring platform.
- Collaborate in projects to increase the scope of the security monitoring.
- Security investigations, security patterns detection, early detection of potential security incidents.
- Continuous security assessment of our internal IT infrastructure, both from the internal and the perimetral point of view. It includes 6 different locations and networks.
- Establish the security operations procedure, security incidents response plan, and the internal infrastructure security assessment plan.
- Automate the monitoring process and the security tests, integrating them within the IT operations process and networks.
- Research for security vulnerabilities in infrastructure components.
- Research for new defensive security mechanisms related to software and infrastructures.
- Participation in the publication and diffusion (e.g., conference presentations) of the research effort results and contribution of the company in security matters.
- Computing or Telecommunications Engineer / BSc are preferred; other university education such as Physics or Mathematics is accepted.
- Minimum 2 – 3 years of experience in Security, as a security analyst, auditor, consultant, or technician.
- Adequate and sufficient technological skills to prepare scripts, queries, automatize tests and rules, and integrate with the applications that might require for the required operations.
- Knowledge of methodologies and security standards such as OWASP, OSSTMM, CWE/SANS, ISO27000…
- Experience in using SIEM / log analysis tools (Splunk, arcsight, alienvault…).
- Experience in using infrastructure vulnerability scanners and testing tools (nessus, openvas, nmap, metaexploit…).
- Fluent in technical English, spoken and written.
- Occasionally, availability for international travels.
- Previous experience in Security Services firms (advisory or audit).
- Security certifications such as CEH, CISSP, or OCSP.
- Experience in System Administration and Web Application Firewalls.
- Experience in other Security fields such as web application, forensic analysis, remote access systems, and strong authentication.
- Specific experience using Splunk and Splunk Forwarder.
- Other languages are also an advantage.
How to Apply
Please apply using build in feature.
4647 total views, 2 today