Cyber Defense Threat Specialist (15907)

Transportis at the core of modern society. Imagine using your expertise to shape sustainable transport and infrastructure solutions for the future? If you seek to make a difference on a global scale, working with next-gen technologies and the sharpest collaborative teams, then we could be a perfect match.Who we are:We, at Enterprise IT Security, are on a mission to secure the IT journey for the Volvo Group. We work closely together with stakeholders across several Business Areas (BAs), Truck Divisions (TDs), and Group Functions (GFs). While the BAs are responsible for driving the business, the TDs provide research, development, purchasing, manufacturing, and assembly. Within Volvo Group, the GFs own the Group agenda, provide strategic direction, and have global responsibility in group-wide functions such as IT, legal, compliance and security.With Enterprise IT Security, you will be part of Group Digital & IT (Group Function). A global and diverse team of highly skilled professionals who work with passion, trust each other, and embrace change to stay ahead. Enterprise IT Security (EITS) works in close collaboration with both Group Security function and security functions within TD's, BAs and GFs. Together we work to build a security posture that is best in class.We are actively seeking a Cyber Defense Threat Specialist to join our Global Cybersecurity Operations Center (CSOC) in Curitiba, Brazil. In this role, you will be responsible for deep log and data analysis, supporting the CSOC as a technical expert and escalation point for investigations, identifying gaps and enhancements to our security tooling, incorporating threat intelligence to enhance detection and mitigation strategies, providing guidance to fellow team members on cybersecurity best practices and our tooling.What you will do:With Enterprise IT Security, you will be part of Group Digital & IT (Group Function). A global and diverse team of highly skilled professionals who work with passion, trust each other, and embrace change to stay ahead. Enterprise IT Security (EITS) works in close collaboration with both Group Security function and security functions within TD's, BAs and GFs. Together we work to build a security posture that is best in class. We are seeking a Cyber Defense Threat Specialist to join our growing team.Develops unique cyber indicators to maintain constant awareness of the highly dynamic corporate data network.Collects, processes, and analyzes cyber threat assessments based on intelligence received from the Cyber Threat Intelligence team.Provides logging and monitoring design services.Conduct continual cybersecurity research and advisory services to harden the IT and OT defensive posture.

Who are you? Do you dream big? We do too, and we are excited to grow together. In this role, you will bring: Bachelor's degree in Computer Science or a related 4-year technical degree.Minimum 7 years of experience in supporting cyber defense operations in highly complex enterprise networks. Experience in SOC, SIRT, or CSIRT capacities.Oneor more of the following certifications: GIAC Certified Intrusion Analyst, GCIH Certified Incident Handler, GCIA Certified Intrusion Analyst, CISSP.Experience in enterprise cybersecurity environment investigating targeted intrusions through complex network segments.Expert understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics, techniques, and procedures (TTPs).Subject Matter Expert in cybersecurity principles, threat lifecycle management, incident management.Comprehensive knowledge of various operating systems (Windows, OS X, Linux), network protocols, and application layer protocolsDemonstratable experience in scripting languages (may include Powershell, Python, PERL, etc.)Understanding of the Cyber Kill Chain methodology, the NIST framework, the MITRE ATT&CK framework, and SANS Critical Security controlsWorking knowledge in modern cryptographic algorithms and systems.Experience working with and tuning signatures, rules, signatures, and security technologies (IDS/IPS, SIEM, Sandboxing tools, EDR, email security platforms, user behavior analytics.Network design knowledge including security architecture.Strong analytical and technical skills in network defense operations including experience with incident handling (detection, analysis, triage)Conceptual understanding of cyber threat hunting.Prior experience and ability analyzing cybersecurity events to determine true positives and false positives. Including cybersecurity alert triage, incident investigation, implementing countermeasures, and managing incident response.Previous experience with SIEM platforms and log aggregation systems that perform collection, analysis, correlation, and alerting.Ability to develop rules, filters, views, signatures, countermeasures, and other cyber defense platforms as well as the ability to support analysis and detection continual improvement.Knowledge of new and emerging cybersecurity technologies.Ability to create technical documents as well as stakeholder sitreps and briefing documents.

Graduação - . - Completo

Who we are and what we believe in Our focus on Inclusion, Diversity, and Equity allows each of us the opportunity to bring our full authentic self to work and thrive by providing a safe and supportive environment, free of harassment and discrimination. We are committed to removing the barriers to entry, which is why we ask that even if you feel you may not meet every qualification on the job description, please apply and let us decide.Applying to this job offers you the opportunity to join Volvo Group. Every day, across the globe, our trucks, buses, engines, construction equipment, financial services, and solutions make modern life possible. We are almost 100,000 people empowered to shape the future landscape of efficient, safe and sustainable transport solutions. Fulfiling our mission creates countless career opportunities for talents with sharp minds and passion across the group's leading brands and entities. Group Digital & IT is the hub for digital development within Volvo Group. Imagine yourself working with cutting- edge technologies in a global team, represented in more than 30 countries. We are dedicated to leading the way of tomorrows transport solutions, guided by a strong customer mindset and high level of curiosity, both as individuals and as a team. Here, you will thrive in your career in an environment where your voice is heard and your ideas matter.

Preferred Qualifications: Deep Cybersecurity Operations Center experience in the following: intelligence driven detection, security principles, threat lifecycle management, incident management, digital forensics and investigations, network monitoring, endpoint monitoring, OT security principles.CSOC Process Management experience, to include: process and procedure management, CSOC initiative management, continual operational improvement.Preferred certifications: CISSP, GCIH, GCIA, Linux+, CCNA, CCNP « Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to both business leaders/key stakeholders as well as technical teams and SMEs.Demonstrated knowledge in cyber defense policies, procedures, and regulations.Knowledge of cyber vulnerability management processes.Knowledge of common user and system authentication and authorization mechanisms.What's in it for you? We offer a solid package of compensation and benefits, plus you will enjoy: Great work life balance including generous paid time off benefits.Competitive base salary as well as eligible for annual company bonus.Comprehensive group health benefits package * Excellent 401(K) with company match as well as additional contribution percentage.Tuition Reimbursement Program.Ready for the next move? Areyou excited to bring your skills and disruptive ideas to the table? We can't wait to hear from you. Apply today! We value your data privacy and therefore do not accept applications via mail.