Vulnerability Manager, Fixed-term contract

, , Portugal

INTEGRITY part of Devoteam is a leading company, specialised in Information Security, founded in 2009 by professionals recognized in their fields of expertise and composed of employees who combine high experience in their sectors of activity, with relevant national and international certifications in each of the areas.

Certified in ISO 27001 and ISO 9001, PCI certified and CREST accredited, INTEGRITY provides services to a considerable number of clients operating in more than 20 countries.

Totally exempt and independent of vendors, INTEGRITY creates and delivers value-added managed services for today's Cybersecurity challenges that combine its expertise and proprietary technology to consistently and effectively reduce its clients' cyber risk.

Job Description Monitoring the workflow related to the life cycle of vulnerabilities.

Running vulnerability scans and filtering false positives.

Support to the development team for the development of new versions of the vulnerability management tool.

Qualifications Security Knowledge (for example knowledge of pentesting)

Network Knowledge

Unix (important to know network commands, bash commands)

SQL knowledge

Brief knowledge of risk management

Fluency in English and Portuguese.

Additional Information What we offer:

Professional development and monitoring talent;

Commitment to our employees' development;

Collaboration in a company that is constantly growing and evolving;

Strong organizational culture: collaboration, sharing, flexibility, integrity and low ego.

Cyber Incident Handling Madrid . Spain | #Offensive CyberSecurity Engineer Expertise to analyse, manage and investigate cyber incidents.

Handle and respond to cyber security incidents to ensure comprehensive and cohesive world class response: First triage activities, Analyze incidents and determine their impacts, Notification and Escalation of incidents according to its impacts, Participate in the containment, eradication, and recovery of major incidents, Document and keep track of every activity related with the incident response process.

Develop a post mortem analysis of systems and networks.

Manage complex cyber security incidents globally across the group. Become part of a world class capability that will own, respond and coordinate significant incidents ensuring successful resolution and adopting lessons learnt to increase the cyber resilience.

Orchestrate the necessary human and technical resources for the resolution of high impact cyber incidents.

Design and supervise an organized approach to address and manage the aftermath of a security breach or cyberattack in order to limit damage on internal systems, data, and networks and reduce recovery time and costs.

Drive continuous improvement in Santander´s cyber response capability through your involvement in the cyber readiness programme across the Global Cyber Respond Team.

Review and coordinate projects related with the development and improvement of Incident Response plans, policies, and procedures ensuring a consistent, professional and disciplined approach.

Participate in the cyber exercises programme to develop capabilities globally:

Design and execute focused development plans for entities and internal teams, addressing gaps in capability through innovative training solutions and cyber exercises, such as:

Live simulation / table top to test processes, such as critical business and technical playbooks.

Technical simulations, such as Cyber Ranges

Skills labs on the use of cyber incident orchestration tools and threat intelligence platforms.

Preparation and final QA of incident reports and minutes oriented to senior management audience.

Contribute to the establishment of a strong and collaborative Global Community between Cyber Threat Units.

Collaborate with key stakeholders within the bank, such as Global Forensics, Global Security Operations Centre, Corporate Security & Intelligence, Global Cyber Fraud, and the Secure User Experience team, among others.

Be available to participate in the incident response procedure in 24x7 basis, 8/hour shifts, and On-Call scheme.

EXPERIENCE

1+ years of experience in cyber security with a broad understanding of information security and previous experience as part of a CIRT, CSIRT or similar response team.

EDUCATION

Degree such in computer science, engineering or similar

SKILLS & KNOWLEDGE

Required

Knowledge of Incident Response and Handling methodologies – Experienced level.

Knowledge of cyber incident categories, incident response, and timelines for responses.

Knowledge of cyber defense and information security procedures and regulations.

Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).

Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

High level of English.

Recommended

Desired one or more of the following certifications (CISSP, CISA, CISM, CEH, OSCP, GCIH).

Experience in the financial/banking industry.

Analyste SOC - H/F Levallois-Perret . France | #Offensive CyberSecurity Engineer

Cyber Security Engineer Lisbon . Portugal | #Offensive CyberSecurity Engineer

Ensure adequate coverage and collection of security events from the main perimeters of networks, services and systems (endpoints and servers) with a focus on the Windows world for the corporate SIEM platform, developing use cases that generate anomalous situations and potential security incidents, for treatment by the SOC (Security Operations Center) team.

Execution of Ethical Hacking functions in a Red Team environment to define use cases in the Windows world.

Analysis, research, implementation and evolution of new technologies that implement Security Controls that protect and monitor the critical assets of client, as well as mitigate the existing "gap's" in the security architecture.

Monitor client's projects in terms of security consultancy, as well as identify the security requirements that the solutions must meet.

Analista L2 para SOC Madrid . Spain | #Offensive CyberSecurity Engineer Consultor Sailpoint Bilbao . Spain | #Offensive CyberSecurity Engineer

Deseable: Conocimientos de AD

Conocimientos de SQL

Gestión básica de SO Linux y/o Windows

Inglés B2

Predisposición a la enseñanza/tutorización de otros Junior

Entorno propio de pruebas/desarrollo que pueda enseñar

Devoteam Marseille - Stagiaire Cybersécurité (H/F) Marseille . France | #Offensive CyberSecurity Engineer Consultor técnico One Identity Manager Senior Bilbao . Spain | #Offensive CyberSecurity Engineer

Banking Sector | Pentester Senior Porto . Portugal | #Offensive CyberSecurity Engineer

We are looking for a Pentester to join the Purple teamwithin ourInfrastructure, Production & Securitybusiness unit.

The candidate will have four main duties:

1. Analyst

Develop new logs analysis and correlation rules and maintain existing rules and different components of the SIEM alerting GUI (Dashboard, Alerting, etc.)

Create the search algorithm;

Investigation and statistics analysis;

First-level diagnoses of the malicious codes (Sandbox or manually);

Understand new vulnerabilities and their exploitations, advise and follow the remediation with the concerned IT team;

Understand how new cyberattacks can target Natixis IS;

Find relevant IOC sources to feed security monitoring tools;

Create or find patterns to anticipate and detect new attacks;

2. BlueTeam

Test and improve detection alerts and security tools during penetration tests

Advise and help IT on cyber security investigations;

3. Training

Self-training to rise in expertise:

Exploitation of new vulnerabilities.

Methods and tools (survey, training, international conferences, …)

4. RedTeam

Carry out security assessments on the organization's IT infrastructure and web applications.

Deliver and present a report of the findings.

#J-18808-Ljbffr