Job description:
Night shift: Wednesday to Saturday, 11 PM - 9 AM (4 shifts). This position is not covered by the 50% mandatory in-office presence; come to the office once a month (for example, on a Wednesday for the team).
This is an L2 position: the first line of defense and the first level of human involvement. Escalation is as follows: L1 is automation, the systems that produce the alerts. L2 is the human check. L3 is a more senior role (6-8 years of experience) with a stronger background in analysis, including malware analysis.
The Production CSIRT Level II Analyst position will provide security expertise to the 24x7 Security Operations Center (SOC). The main objective of this position is to help coordinate and report cyber incidents affecting the bank's critical assets by detecting, preventing and responding to cyber threats against our group's infrastructure. Within AMER IT Production Security, the North American Cybersecurity Production Operations office focuses on the development and execution of our cybersecurity strategy for the Americas. It provides essential support to the company-wide cybersecurity program through partnerships in the region within our various business areas and also externally with customers, partners and regulators.
- Monitor the bank's sources of potential security incidents, health alerts from monitored solutions, and requests for information. This includes monitoring real-time channels or dashboards, periodic reports, email inboxes, helpdesk or other ticketing systems, phone calls, and chat sessions.
- Follow incident-specific procedures to triage potential security incidents in order to validate and determine necessary mitigation measures
- Escalate potential security incidents to Level III and IV engineers, implement countermeasures in response to others, and recommend operational improvements
- Maintain accurate incident notes in the case management system
- Maintain awareness of the bank's technology architecture, known weaknesses, the architecture of security solutions used for monitoring, imminent and pervasive threats identified by customer threat intelligence, and recent security incidents.
- Continuously improve service by identifying and correcting problems or gaps in knowledge (analysis procedures, plays, customer network models) and false positive settings, and by identifying and recommending new or updated tools, content, countermeasures, and scripts.
- Conduct peer reviews and consultations with other Level II analysts regarding potential security incidents.
- Serve as a subject matter expert in at least one security-related area (e.g., a specific malware solution, Python programming, etc.).
- Actively seek self-improvement through continuous learning and advancement to a Level III analyst.
- Provide shift status and metric reporting
- Weekly support for 24x7 coverage
- Adhere to internal operational security and other policies
- Perform scheduled light work