CyberSecurity Detection and Response Designer
Randstad
- Lisboa
- Permanent
- Full-time
Minimum of 3 to 5 years of experience in data analytics / big data / business intelligence solutions and project management
Technical & Analytical Skills
Significant experience in SQL, Python,
Good knowledge of dashboarding tools (preferably Qlik Sense or Google Data Studio/Looker)
Solid knowledge of how to work with complex and/or large datasets in different data formats, using data wrangling libraries or processes to prepare raw data
Knowledge of data analytics/big data solutions
Prior experience with Google Apps Script and GitHub is a plus
Ability to translate business problems into meaningful insights
Agile project management skills
Fluent in English (French is a plus)
Ability to work in a multicultural environment
Able to travel domestically and internationally when needed
Responsibilities
In order to increase compliance regarding the handling of sensitive data, Airbus Cyber Security has created a new product to manage this perimeter: the Data Compliance Center (DCC). Its main objective is to ensure that potential non-compliance of sensitive (e.g. Internal Classification, Export Control) data transfers and hosting has the corresponding detection, alerting and remediation in place.
As a Compliance Detection Designer, you will be at the forefront of fortifying our data security and compliance efforts by crafting and improving Splunk Enterprise Security (Splunk ES) correlation searches and Security Orchestration, Automation, and Response (SOAR) playbooks. Collaborating closely with analysts and the broader team, your role is crucial in translating business requirements into effective detection and alerting use-cases while streamlining incident response.
Create Splunk correlation searches tailored to various use-cases, aligning them with specific business requirements and security objectives.
Continuously improve existing use-cases to enhance detection accuracy and reduce false positives.
Develop and refine automation playbooks within the SOAR platform, streamlining incident response processes.
Craft efficient response procedures for various use-cases, ensuring consistency and effectiveness.
Translate business requirements into detection and alerting use-cases that align with security and compliance goals by collaborating closely with business analysts.
Utilize scripting, particularly Python, to enhance the functionality of detection mechanisms and automation workflows.
Collaborate with the framework teams to integrate SOAR capabilities into our security framework.