The Senior Security Analyst

Unfortunately, this position is no longer available.

København S

<p>We are seeking a Senior Security Analyst. This person will be a Security Analyst and Detection and Response expert. They will have experience supporting a global team protecting networks from cyber threats. This position will require a large degree of autonomy. This position reports to the Head of IT Security Detection and Response in Denmark. Are you our new Senior Security Analyst SOC Engineer? Click the apply button to send your application!</p><p> </p><p><strong>Inviting bright minds</strong></p><p>Do you want to push the boundaries of your profession and develop your excellence in an open, collaborative and empowering culture? We work to create a sustainable future and our inspiring projects and innovative solutions strive to set the standard among our peers. You will join a global company that has been growing successfully since its founding in 1945. Together, we lead and leave a positive impact on societies, companies and people around the world.</p><p>The Senior Security Analyst is responsible for enabling the Ramboll Detection & Response teams to protect our networks, systems, and data using a variety of security tools and automation platforms.</p><p>This role will assist the Detection and Response team in planning and building defensive, customized security playbooks and automations using our SOAR <em>(Security Orchestration Automation and Response)</em> platform.</p><p>This role is highly detail oriented and requires hands-on knowledge of Microsoft Defender products, ServiceNow, programming/scripting languages, security operations, and API integrations.</p><p>This Senior Security Analyst professional role is responsible for planning, designing, and testing the deployment/implementation of complex security systems to fulfill our business needs. 
This includes designing and updating architecture overviews and transitioning these solutions to operations.</p><ul><li>The Senior Security Analyst must be able to automate and improve the detection, investigation, and response processes as well as plan and execute roadmap strategies.</li><li>Design, build and maintain efficient, reusable, and reliable Security Automations for the SOC teams, as well as other Cyber Security Operations teams</li><li>Create detailed technical process documentation</li><li>Review API documentation and connect third-party services to our SOAR platform</li><li>Experience with Splunk and/or IBM QRadar is a plus</li><li>Familiarity with concepts like <em>Endpoint Detection and Response (EDR), Threat & Vulnerability Management (TVM), Attack Surface Reduction (ASR), and Auto Investigation and Remediation (AIR)</em></li><li>Hands-on experience with Microsoft Security Products is highly desirable</li><li>Be aware of the cyber security risks and threats surrounding the workplace <em>(secure devices, manage access, protect data, and mitigate threats)</em> and have discussions on these topics with our clients</li><li>Experience with Threat Modeling and executing risk assessments is a plus</li><li>A willingness to become a subject matter expert on our security tooling and to guide and train members of our SOC team to use and maintain our security solutions</li><li>Have a passion for automation and a real desire to make the job easier for the Security Analysts</li><li>Be able to maintain current knowledge of tools and best practices in combatting advanced persistent threats, including tools, techniques, and procedures (TTPs) of attackers and tools and processes for forensics and incident response</li><li>Must be able to understand workflows and processes and appropriately develop automation techniques to streamline and enhance capabilities</li><li>Implementing a MITRE ATT&CK-first approach in the work we do – Threat Informed Defense</li><li>Must be proficient in handling Cyber Security Incidents</li></ul><p>  </p><p><strong>Your starting point for constant growth</strong></p><p>From the moment you join Ramboll, we will support your personal and professional development so that you grow with the company. For this role, we believe your starting point is:</p><ul><li>Strong experience in a security automation development environment</li><li>Strong hands-on experience with scripting languages such as JavaScript and Python</li><li>Strong experience in a segment of cyber security: i.e., SOC Analyst, SOC Engineer, Incident Responder, Incident Handler</li><li>Familiarity with at least one query language like SQL, MySQL, SPL, Kusto, etc.</li><li>Experience working with REST and other third-party API integrations</li><li>Good understanding of security infrastructure and related technologies <em>(proxies, firewalls, email filtering technologies, and network intrusion detection systems)</em></li><li>Experience with Microsoft Defender for Endpoint solutions.<br>
Additional experience with Microsoft Defender for O365, Microsoft Defender for Identity, Microsoft 365 Defender and Microsoft Cloud App Security is highly desired</li><li>Experience with virtualized environments like VMWare or VirtualBox</li><li>Experience with cloud security for Azure or another major cloud provider</li><li>Experience with ServiceNow SOAR or similar SOAR security products, like Palo Alto Cortex, is highly desired</li><li>Consulting experience is a plus</li></ul><p> </p><p><strong>The successful candidate will have the following attributes:</strong></p><ul><li>Excellent communication and presentation skills, with the ability to talk with a variety of internal and external audiences</li><li>Ability to handle multiple projects with limited oversight</li><li>Experience with scrum or other agile development methodologies</li><li>Ability to build strong client relationships and to interact effectively at all levels of the Cyber Security Operations organization, including senior executives</li></ul><p> </p><p><strong>How to apply</strong><br>
Apply online. Attach your CV, cover letter and relevant documents showcasing why you are the right fit for the role, and when you are available to start. We look forward to receiving your application.</p><p>For further information, please contact Christian Klint, Senior Manager, Head of Cyber and Information Security Architecture, at [email protected].</p><p>Deadline: <strong>30.06.2023</strong></p>


Information and data

This vacancy has the job type "Security officer" and is in the category "Office, trade and service".

The workplace is located in København S.

The job was created on our service on 11.5.2023, but may have been deactivated and reactivated since.

Updated daily: This job is updated daily from the employer's website via our search engine technology and is active right now.