Role Description - Aufstellen von Hypothesen über potenzielle Bedrohungen - Manuelle und Teilautomatisierte Analyse von IT-Systemen sowie Analyse der Hypothesen mit Hilfe von SIEM - Proaktive und iterative Suche durch Netzwerke, um fortgeschrittene Bedrohungen zu erkennen und zu isolieren - Verbesserung des automatisierten Teils des Erkennungssystems - Untersuchung potenzieller Risiken und Verfolgung von verdächtigem Verhalten im Netzwerk - Erstellung von IT-Security-Auswertungen zu sicherheitsrelevanten Ereignissen - (Teil-) Begleitung in IT-Projekten, insbesondere bei dem Aufbau von IT-sicherheitsrelevanten Lösungen - Planung und Durchführung von Standard-Changes gemäß ITIL - Teilnahme an Rufbereitschaftsdiensten Qualifications - Erfolgreich abgeschlossenes Studium der Informatik oder vergleichbare abgeschossene Ausbildung mit IT-Schwerpunkt - Sehr gute Kenntnisse in der Security (IPS/IDS, Threat Intelligence, Threat Analyse und Vulnerabilites) - Sehr gute Kenntnisse im IT-Security- und Netzwerkumfeld sowie im Bereich Hardening - Sehr gute Kenntnisse im Bereich Pentest und Schwachstellenmanagement - Gute Kenntnisse im Bereich Linux und/oder Windows - Praxis im Security Prozessmanagement - Programmiererfahrung mit z.B. Phyton - Erfahrung mit Elastic wünschenswert und erste Berührungspunkte mit Service Now von Vorteil - Strukturiertes, eigenverantwortliches und lösungsorientiertes Arbeiten - Einsatz und Lernbereitschaft hinsichtlich technologischer Entwicklungen - Gute Deutsch- und Englischkenntnisse in Wort und Schrift Benefits - Unbefristeter Arbeitsvertrag und flexible Arbeitszeiten - Ruhezeitenausgleich auf Dein Stundenkonto - Arbeiten an verschiedenen Standorten möglich (z.B. Nürnberg, Aschheim, Berlin) oder auch zu 100% Remote - Hochwertiges Equipment: Laptop und Firmenhandy auch zur privaten Nutzung - Individuelle Förderung und Weiterentwicklung durch Inhouse-Trainings und externe Schulungen - Kinderbetreuungskostenzuschuss (pro Monat/Kind) und Corporate Benefits - Attraktive Firmenevents (inkl. Reisekostenübernahme), kollegiales und wertschätzendes Arbeitsumfeld sowie Duz-Kultur ab dem ersten Tag - Großzügiger Zuschuss zum Deutschlandticket - Gesundheitsmanagement (z.B. kostenlose Massagen inhouse), Jobrad Leasing und betriebliche Altersvorsorge mit Zuschuss - Welcome Day, direkter Ansprechpartner (m/w/d) und strukturierte Einarbeitungsphase - Getränke for free (auch Softdrinks) und frisches Obst an den Standorten

• Formulating hypotheses about potential threats • Manual and partially automated analysis of IT systems and validation of hypotheses using SIEM • Proactive and iterative threat hunting through networks to detect and isolate advanced threats • Improving the automated components of the detection system • Investigating potential risks and tracking suspicious network activity • Preparing IT security assessments for security-related incidents • (Partial) participation in IT projects, particularly in implementing security-related solutions • Planning and executing standard changes in accordance with ITIL • Participation in on-call duty

Description:  The Security Analyst I role is a critical position within the organization. The primary function of the role will be to provide monitoring of deployed customer environments for security events. This includes establishing the extent of a threat, the business impact, and advising the most suitable course of action to contain and remedy the event. A Cybersecurity Technician will serve as an escalation point to the subject matter expert for in-depth cybersecurity events and must be able to communicate effectively to all stakeholders during the event management process.  Responsibilities:  ·        Manage the security event monitoring and incident response ticket queues and triage as appropriate to meet the established service level agreements ·        Promptly transfer cybersecurity tickets to the client or internal point of contact ·        Clearly convey indicators of compromise, isolation, and remediation steps ·        Analyze and interpret system, security, and application logs in order to diagnose faults, spot abnormal behavior, and rule out false positives ·        Effectively utilize End Detection and Response tools to investigate alerts, anomalies, and build accurate timelines related to possible compromise ·        Follow established procedures to investigate, escalate, contain, or eradicate malicious activity ·        Develop and deliver written and oral reports to clients, teammates, and management to aggregate and communicate security information and metrics ·        Provide input and recommendations to improve internal processes and procedures related to SOC duties and responsibilities ·        Participate in threat-hunting activities and other special projects as required ·        Understand and follow, our set of standards and processes that produce a predictable result for the client. You must be aware of and maintain our standards. Additional Responsibilities:  ·        Maintain accurate and real-time timesheets, record complete and accurate notes of troubleshooting and communication with clients ·        Receive mentoring and feedback from peers and others ·        Where appropriate, escalate complicated issues to a more senior resource or other appropriate teams ·        Review Tickets with Manager ·        Actively Participate in Team Huddles, L10 Meetings, One on One Meetings, and any other Team Meetings ·        Create and update documentation when changes occur, or when discoveries are made ·        Attend monthly training & team meetings as required ·        Additional duties as required

Vulnerability Management Specialist - Qualys ( Cyber security -Tool) As an vulnerability management specialist, you will support the SOC team in their daily activity and administrating Operational Security Processes. You will be asked to identify improvements in current processes and formalize it through clear documentation. Among the ongoing administration of Processes, your main responsibilities will be to manage the vulnerability scan process. The process is based on Qualys Tools. • Perform global infra vulnerability scanning along with change management process • Help system administrators to deploy and troubleshoot Qualys agent on different operating systems (Windows, Linux, AIX, etc) • Analyze scan results and deploy Qualys appliances(virtual and physical) to enhance scan coverage • Responsible for understanding, reviewing, and interpreting assessment and scanning results, reducing false positive findings, and acting as a trusted security advisor to the client. • Identify and prioritize all vulnerabilities in client environments and provide timely vulnerability assessment reports to key stakeholders • Develop and report enterprise-level metrics for vulnerabilities and remediation progress • User requests administration: manage users request on the platforms. Add Hosts, Assets Groups, create scan, report or Dashboard (using the standard and process delivered by SOC SG). Including Emergency stop of scan. • Manage Vulnerability Scan for GTS: Manage the Change management process to request a scan on GTS infrastructure. Manage the change creation, the achievement of the change process following by the job creation on Qualys platform. • Present Vulnerability Assessment Scanning and guidance, False Positive Validation, Compliance Scanning and, scan profile and policy creation. • Analysis of vulnerability: based on group standards, manage the alerting on critical vulnerability found by a vulnerability scan and follow the mitigation with remediation teams • Ability to identify false positives • Knowledge of vulnerability management frameworks and concepts such as CVE, and CVSS scoring systems and attacking vectors • Dashboard: generate monthly and quarterly reports and dashboards. • Understanding of Qualys tags • Manage Internal Qualys infrastructure: survey the status of Qualys appliances and manage the RMA process and deployment of new appliances. • Implement automated, proactive security measures • Hands on Qualys modules Vulnerability Management, Security Configuration Assessment(SCA)/Policy Compliance, Container Security, Cloud Agent, Container Security, Cloud security • Knowledge and experience on Terraform, python and any scripting is required Required Profile required • End to end understanding of Vulnerability management (scanning, remediation follow-up, false positive verification) • Conduct Network and System Vulnerability assessments and documentation of corrective/remediation actions • Drive the end-to-end vulnerability lifecycle from discovery to closure • Identify internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of customer's information assets • Identify and prioritize all vulnerabilities in client environments and provide timely vulnerability assessment reports to key stakeholders Ensure timely follow up with patch management and vulnerability remediation in coordination with Countermeasures personnel He/She has good knowledge in the Qualys Vulnerability assessment tool & Management . He/she has to complete certification in Qualys Guard: - Qualys VMDR - Qualys Cloud Agent - Qualys Policy Compliance - Qualys CSAM - EC-Council CEH At Zensar, we’re “experience-led everything”. We are committed to conceptualizing, designing, engineering, marketing, and managing digital solutions and experiences for over 130 leading enterprises. We are a company driven by a bold purpose: Together, we shape experiences for better futures. Whether for our clients, our people, or the world around us, this belief powers everything we do. At the heart of our culture is ONE with Client - a set of four core values that reflect who we are and how we work: One Zensar, Nurturing, Empowering, and Client Focus. Part of the $4.8 billion RPG Group, we’re a community of 10,000+ innovators across 30+ global locations, including Milpitas, Seattle, Princeton, Cape Town, London, Zurich, Singapore, and Mexico City. Explore Life at Zensar and join us to Grow. Own. Achieve. Learn. to be the best version of yourself. We believe the best work happens when individuality is celebrated, growth is encouraged, and well-being is prioritized. We are an equal employment opportunity (EEO) and affirmative action employer, committed to creating an inclusive workplace. All qualified applicants will be considered without regard to race, creed, color, ancestry, religion, sex, national origin, citizenship, age, sexual orientation, gender identity, disability, marital status, family medical leave status, or protected veteran status.