Team Lead - Cyber Security Incident Response @MMCTech Cluj-Napoca

Act as the reporting manager for the Tier1 and Tier2 analysts in your geographic region

Provide technical and professional guidance for analysts on your team

Analyzing network traffic, endpoint security events, and other various log sources to identify threats, assess potential impact, and recommend mitigations

Supporting other security functions and teams to ensure the holistic implementation of security controls, technologies, practices, and programs

Contributing to the development and improvement of response processes, documentation, tool configurations, and detection logic 

Assisting in additional Security Operation Center initiatives, including playbook development and documentation, new rule creation, and tool evaluations

Maintaining an operational knowledge of global threat trends, known threat actors, common tactics, techniques, and procedures (TTPs), and emerging security technologies

Collaborating on Security Operation Center team training opportunities and other cross training opportunities as well as operating as a subject matter expert on various security topics across multiple domains

Supporting 24x7 operations by participating in an
- call rotation and assisting in ongoing incidents during
- standard hours

2+ years of information security experience and/or 2-4 years of experience in security analysis in a
- security focused role

Undergraduate degree in Computer Science (CS), Computer Information Systems (CIS), other related degrees, or equivalent experience;

Excellent critical thinking skills, with proven analytical expertise and the ability to learn adaptively;

Demonstrated leadership ability of technical teams;

Demonstrated effective verbal, written and interpersonal communication skills with the ability to communicate security concepts to both technical and
- technical audiences;

Demonstrated experience with security technologies and alerts, such as intrusion prevention and detection systems, web proxies, SIEM, SOAR, EDR, firewalls, web application scanner, vulnerability scanners, forensics tools,
- source tools, or other security technologies;

Knowledge in one or more of the following domains: Network Operations and Architecture, Operating Systems, Identity and Access Management, Programming, Cloud Computing, Databases, or Cryptography;

Ability to operate independently in a dynamic, evolving environment with multiple inputs and tasks simultaneously;

Knowledge of common attacks, current threats, threat actors, and industry trends;

Familiarity with common security frameworks and models, such as MITRE ATT&CK, Lockheed Martin Cyber Kill Chain, The Diamond Model of Intrusion Analysis and NIST Cybersecurity Framework;

Professional or technical certifications, such as Security+, GIAC Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), or other related certifications;

We help you be your best through professional development opportunities, interesting work, and supportive leaders;

We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have an impact for colleagues, clients, and communities;

Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your
- being;

A yearly budget and the opportunity to build your flexible benefits package (up to 20% of your annual salary);

30+ days off (25 legal days off, 1 extra day off on your birthday, public holiday replacement days, extra buy/sell from your benefits budget);

Performance Bonus scheme;

Matching charity contributions, charity days off, and the Pay it Forward charity challenge;

Core benefits - Pension, Life and Medical Insurance, Meal Vouchers, Travel Insurance;

We champion flexible working, and our mission is to help you find YOUR
- life balance, whether that is standard working, flextime working, or working from home;