Honeywell IT Security Analyst in Brno, Czech Republic
At Honeywell Technology Services Inc (HTSI) we believe in integrating security into all aspects of our business to protect the people, processes, and assets by which Honeywell achieves its greater mission. Advancements in technology, contractual and regulatory requirements, emerging threats, and Honeywell's growth worldwide continue to challenge all of us to ensure everything we do in business is done securely.
The Security Operations Center (SOC) is searching for an incident response expert with extensive experience in forensic analysis of compromised systems and the ability to reverse engineer malware. The preferred candidate should also be able to formulate and direct incident response efforts, prioritize those response efforts, and create legible incident reports that describe the compromise vector, attacker methodologies, and artifacts of data exfiltration. The candidate must be able to work with a team and coordinate work actions with that team.
Candidates should possess the following skills:
• Experience performing forensic analysis of Windows and Unix systems to identify compromise artifacts (3 years)
• Malware analysis and reverse engineering (3 years)
• Experience in building sandbox/test lab environments to evaluate malicious code
• Ability to identify actionable indicators of compromise based upon analysis of malware or forensic data
• Scripting and programming experience (e.g., Python, Perl, C, C++, Java, Assembly Language, Shell Scripting)
• Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis preferred
Basic Qualifications: BS Degree plus:
• Minimum five years of experience performing incident response with an emphasis on system compromise analysis
• Experience performing security reviews/vulnerability risk assessments of network environments using both manual procedures and automated analysis tools
• Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products
• Experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns
• Creation of tools to automate analysis of malicious binaries
• Ability to perform network-based forensics and log analysis
• Strong understanding of incident response methodologies and technologies
• Willingness to serve as a member of an Incident Response Team (IRT) and respond to emergency calls during non-business hours, as needed
• Ensure the confidentiality, availability, and integrity of SOC data sources
• Candidate should be able to react quickly, decisively, and deliberately in high-stress situations
• Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers
• Highly motivated individual with the ability to self-start, prioritize, and multi-task
• Participate in on-call rotation
Additional Qualifications:
• Experience with log management and/or SIEM technologies such as Splunk, ArcSight, and LogLogic
• Experience with databases and SQL
• Technical certifications considered an asset are: CISSP, GCIH, GCIA, GCFA, GPEN, GCFE, CCNA, CCNP
Job: *Information Technology
Title: IT Security Analyst
Requisition ID: 00354626