Bitdefender S.R.L.
Flexible location
Associate Security Analyst
About this role
Associate Security Analyst - Managed Detection and Response
Our mission at Bitdefender is to reduce risk to customers’ business to allow them to achieve their objectives. We are focused on delivering real security value for an affordable price – no snake oil. To help in this mission, we are looking for an Associate Security Analyst. You will work in a tight-knit, experienced team backed up by an international organization that’s been in business for 18 years.
About Us
The Managed Detection & Response service is a new line of business (think division, business unit, etc.). We are an experienced team having built successful Managed Security offerings in the past and staffed by a multitude of cybersecurity organizations and veteran cyber-warfare operators from the military and intelligence services. We all got into this business to provide security services that make customers safer. We must make some money to do that, but our primary goal is to provide services that secure, not just ones that sell.
Our team has been around the block together and operates in a 24x7 environment where we manage emergency situations for customers. For this to work, we must trust each other. As a leadership team, we focus on building that trust through accountability, processes, and personal relationships. We have plenty of experienced team members with and without families and understand that not all teams can be built outside of work, but we focus on teamwork to build authentic and meaningful engagement.
About the Role
This is a full-time position in a 24/7 operation with a 4/10-hour shift schedule. Scheduled rotations for night and weekend shifts will be required.
Under supervision perform real-time monitoring and analysis of security events from multiple sources including both host and network telemetry
Triage security events to determine priority and severity
Proactively review customers' environments searching for anomalous behavior using the cyber kill chain, cyber intelligence, and investigative techniques
About you
Be familiar with and able to articulate when discussing the following:
Cybersecurity principles
Cyber threats and vulnerabilities
Current incident response methodologies
Current cyber investigative techniques
Current cyber threat trends
Computer networking concepts and protocols, and network security methodologies
Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, NICs, HDDs)
Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security
Basic system administration, network, and operating system hardening techniques
Identifying, modifying, and manipulating applicable system components within Windows, Unix, or Linux (e.g., passwords, user accounts, files)
Conduct research, analysis, and correlation across a wide variety of all-source data sets (indications and warnings)
Defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness)
Virtualization and cloud computing
Knowledge of which system files (e.g., log files, registry files, configuration files) contain relevant information and where to find those system files
Hacking methodologies
Networking protocols (e.g., TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications
Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA]) and how they are used
How to perform packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump)
Security Information and Event Management (SIEM) tools - Searching, aggregating, and correlating data
Web Application Firewall (WAF)
Regular Expressions (Regex)
What we offer
This role is for a fast-growing startup inside a larger organization. This enables us to offer a compelling suite of benefits while still allowing us to move fast and experiment like a smaller organization. This includes:
Wide variety of health and wellness plans
Competitive salary and total compensation plans with quarterly bonuses
401k retirement planning
Paid career development and training
Subsidized cell phones