Python Job: Security Engineer

Job added on

Location

Porto - Portugal

Job type

Full-Time

Python Job Details

Porto, Portugal - Hybrid
Permanent
Gross annual salary: €18.000 - €30.000
Computer & Network Security
5 - 10+ years of experience - Senior
Visa support
Relocation paid
Language(s): Required English | Nice to have French
SKILLS

Must have:
Microsoft Windows Server
Linux
Python

Other Required:
HTTP
Databases
HAProxy
Unix
DESCRIPTION

We are looking for a Security Engineer (M/F) to join the Purple team of the Natixis Company Project within our Infrastructure, Production & Security business unit, in Porto / Portugal.

MISSIONS

The candidate will have four main duties:
1) Analyst
Develop new log analysis and correlation rules, and maintain existing rules and the different components of the SIEM alerting GUI (Dashboard, Alerting, etc.)

Create the research algorithm;
Investigation and statistics analysis;
First-level diagnosis of malicious code (sandbox or manually);
Understand new vulnerabilities and their exploitation, advise and follow the remediation with the concerned IT team;
Understand how new cyberattacks can target the Natixis IS;
Find relevant IOC sources to feed security monitoring tools;
Create or find patterns in order to anticipate and detect new attacks;
Static and dynamic analysis of malicious code and malicious documents.

2) Incident handling

Day-to-day SOC operations: create and handle tickets (ServiceNow/SecOps);
Qualify the security incidents and determine the scope of compromised data or components;
Advise and help IT on cyber security investigations;
Provide expertise to other security teams on the configuration, remediation or solution and architecture evolution.

3) Forensics

Collect technical data and determine the security incident's severity;
Forensics on the compromised system;
Disk image;
Memory dump;
Event logs and system traces;
Network and application.

4) Training

Share knowledge and skills (with ITS and SOC) by organizing training sessions and writing documentation;
Self-training to grow in expertise;
Techniques and forensic tools;
Exploitation of vulnerabilities;
Methods and analysis tools (survey, training, international conferences, …).

5) Penetration testing

Evaluate the security of an organisation's IT infrastructure and Applications;
Simulate attacks;
Be able to identify all weaknesses and report the findings.

The candidate must be operational on the security equipment used in the Natixis IS and know the existing architectures.

If necessary, they must be able to change and adapt security equipment configurations, and must therefore know the operational risks and be able to evaluate the impacts of their actions.

They must have extensive knowledge in most of the technical fields below, but of course they are not expected to be an expert in all these fields.

They must be willing to document and self-train to deal with these technical concepts.

The day-to-day

Plan the penetration test;
Select, design and create appropriate tools for testing;
Perform the penetration test on computer systems, networks, web-based and mobile applications;
Document your methodologies;
Gather the data intelligence not only from the output of the automated penetration tools but also from information gathered from earlier stages to identify vulnerabilities that the tools may not see;
Analyse the outcomes and make recommendations for security improvements;
And last but not least, review your findings and feedback with SOC analysts.

REQUIREMENTS

SKILLS

1) DEVELOPMENT

One or more of the following programming and scripting languages (Python, JavaScript, C, C++, Assembler, Shell).

2) SIEM

Knowledge of SIEM solutions;
Experience with Splunk search syntax and Regex.

3) SYSTEM/NETWORK

Operating systems: Unix, Linux, Windows, Android/iOS;
System security vulnerabilities and remediation techniques, including how system processes work;
Network protocols TCP/IP, routing, IPsec and VPN;
Good knowledge of the weaknesses and vulnerabilities of Internet application protocols: HTTP[S], SMTP, DNS, NTP, LDAP, SIP, SAMBA, SSH, etc.;
Internet architecture definition;
Vulnerability analysis and assessment tools;
Penetration testing methods and tools, especially Web exploits (SQL injection, XSS/CSRF, etc.).

4) SECURITY

Cyberattacks and counter-measures (network, system, application);
Information monitoring methods and tools;
Standard applications security configurations and hardening (web servers, mail, database, DNS, proxy, firewall, etc.);
Overview of one or more of the following subjects:
Application vulnerabilities (web browser, office application, web servers, database, etc.);
Intrusion methods and malicious activities (backdoor, rootkits, botnet, C&C, APT, etc.);
Malicious code operating modes: persistence, communication, self-protection (cryptography, unpacking, etc.);
Static and dynamic analysis tools (OllyDbg, WinDbg, Immunity Debugger, x64dbg, IDA);
Forensic tools;
Sandbox;
Behavioral.

REQUIRED QUALITIES

Good level of English - minimum B2 (mandatory);
Demonstrate autonomy, curiosity, responsiveness, initiative, readiness, discretion, and a sense of responsibility;
Sharp sense of analysis and investigation;
Ability to correlate disparate datasets and to conduct research work;
Ability to design and implement innovative solutions;
Ability to adapt to very different contexts;
Formalize and write up the results of an analysis;
Work and cooperate with team members (knowledge sharing, technical collaboration and mutual assistance).

The position therefore requires a high level of curiosity, a real ability to grasp new concepts and a willingness to be permanently challenged.

Which implies, as the first quality: open-mindedness.

At the SOC, security is not risk management; the watchword is “Nothing is secured, everything is exploitable”.
PERKS

Capgemini Engineering combines, under one brand, a unique set of strengths from across the Capgemini Group: the world leading engineering and R&D services of Altran – acquired by Capgemini in 2020 - and Capgemini's digital manufacturing expertise. With broad industry knowledge and cutting-edge technologies in digital and software, Capgemini Engineering supports the convergence of the physical and digital worlds. Combined with the capabilities of the rest of the Group, it helps clients to accelerate their journey towards Intelligent Industry. Capgemini Engineering has more than 52,000 engineer and scientist team members in over 30 countries across sectors including aeronautics, automotive, railways, communications, energy, life sciences, semiconductors, software & internet, space & defence, and consumer products.

Get the Future You Want | www.capgemini-engineering.com/pt/pt-pt/
REMOTE DETAILS
2 days / week at the office