Information Security Analyst

  • AS Roma
  • Roma, Metropolitan City of Rome, Italy
  • 22 Feb, 2021
Full time Data Science

Job Description

PURPOSE:

As Information Security Analyst you plan and carry out security measures to protect AS Roma organization’s computers, networks and systems.

MAIN RESPONSABILITIES:

You will review alerts, threat intelligence and security data, identify threats that have entered the network and security gaps and vulnerability currently known. In this role, you will identify cyber security, spam and phishing events, according to documented procedures and industry best practices, as reported by SIEM/Log Systems and security tools and consoles: one of the purposes is to identify which event is a cyber security incident and to report GDPR-related events to the DPO as well.

Examples of specific responsibilities are:

  • Monitoring and improving security access and rules
  • Detecting, managing and containing security incidents
  • Creating and updating the company’s incident response and disaster recovery procedures
  • Conducting security assessments through vulnerability testing and risk analysis
  • Performing both internal and external security audits
  • Developing security standards, providing security recommendations for IT initiatives
  • Assist with security awareness training


REQUIRED SKILLS:

You must have experience in both Linux and Windows operating systems, for both on-premises & cloud architectures. Requests in detail are:

  • A scientific degree such as Cybersecurity, Computer Science, Engineering, or a knowledge of computer security acquired during your studies
  • At least 3-years’ experience in a similar role
  • Strong knowledge of TCP/IP protocol and related potential security exposures
  • Experience on identification of common cyber security threats affecting Microsoft Windows systems, UNIX systems, application and network devices
  • Experience in analysis and inspection of log information, packets, and other security tool information outputs from a variety of sources
  • Experience with various log management, anti-malware, antivirus, spam & phishing management tools
  • Experience on GDPR-related events triage and notification
  • Knowledge of data protection regulation key principles
  • English language at B2 level or above is required (fluent English language, both written and spoken)


Preferred Professional and Technical Expertise:

  • Solid experience with Fortinet Firewalls and IPS.
  • Experience with Crowdstrike security platform.
  • Good knowledge of MS AD, Azure and O365 administration


Nice to have:

  • Ethical hacking and penetration testing skills
  • Experience with log search tools, usage of regular expressions and natural language queries
  • Knowledge of common security frameworks (ISO 27001, COBIT, NIST)