Job Description

Roles & Responsibilities

As a mid-level information security analyst, you will help the team monitor Mindera s infrastructure, manage vulnerabilities, respond to incidents, and offer advice and support to Minders.

You will also have the opportunity to contribute to our procedures as well as research and integrate solutions to continually improve Mindera s security posture.

What you'll be up to

• Security monitoring and alerting: Develop, maintain, and fine-tune detection rules for our XDR platform. Investigate security events to determine whether an incident occurred;
• Vulnerability management: Run and analyse vulnerability scans, identify weaknesses, report results and co-ordinate remediation;
• Security enablement: Advise and answer queries from Minders, contribute to security guidelines, awareness, and best practices. Work with development teams to integrate threat modeling into the software development lifecycle, identifying and mitigating potential security risks;
• Incident response: Provide assistance during containment and recovery, prepare reports and use the lessons learned to strengthen our defenses, applying frameworks like MITRE ATT&CK;
• Systems integration: Develop scripts and tools to automate repetitive tasks and leverage Infrastructure as Code (IaC) principles to build and manage integrations across our security tools;

What we re looking for

• Technical Skills:
• XDR Threat Detection/Response: You know your way around XDR platforms like Palo Alto, CrowdStrike, etc. You can confidently investigate security events. You know how build and tune detection rules with a clear understanding of the specific risks they are meant to catch and the impacts that they have on the incident response process.
• Vulnerability Management: You have hands-on experience with tools like Tenable, Qualys, etc. You know how to create scans and reports, query the data, and audit the platform itself. Knowledge of how to use the APIs for automation and vulnerability management processes is a plus;
• Scripting and Automation: You don't like doing repetitive tasks manually. You can write practical scripts to solve problems using languages like Python, or Bash.
• Change management: You know how to test, validate, roll out, and roll back changes safely and securely.
• Operating Systems: You have solid Linux and macOS knowledge, as well as a practical understanding of how things work on Windows;
• Cloud and On-prem Infrastructure: You are familiar with networking concepts and the cloud (AWS, GCP) and have a strong interest in learning and applying Infrastructure as Code (IaC) principles;
• Security Frameworks: You have a basic understanding of the concepts presented by frameworks like MITRE ATT&CK, NIST, CIS and what it means to applying them in practice;
• Communication Skills: You re a good communicator and are not afraid to ask. English is the main language used at Mindera, so you will be using it a lot, both spoken and in writing;
• Interpersonal skills: You can deal with many people from different backgrounds and skillsets and support them effectively;

Desired Candidate Profile

You have at least 3 years of hands-on experience in two or more relevant areas;