Expert - Cyber Security Analyst

The role is part of the Cyber & Information Security function and is responsible for day-by-day security monitoring activities in the Cyber Fusion Center (CFC) of Sky Italia, ensuring that the corporate digital assets (including online and on-premises infrastructures) and Company’s data (corporate and customers) are protected from unauthorized access. The role holder will be also heavily engaged in the Incident Handling & Response process and will support Threat Intelligence and Threat Hunting activities.

Main responsabilities:

• Monitor and analyse security events resulting from threats and indicators of compromise defined, through the security platforms set up by the company (SIEM, UBA, EDR, …) and the analysis of the systems logs.
• Manage the development of detection &response models and algorithms, using advanced analytical tools, to evolve and increase the Company's security coverage.
• Support the continuous improvement of the CFC cyber security platforms, contributing to their evolution in terms of automation and orchestration capacity.
• Support the incident response process in accordance with Company’s policies/procedures and activating, where necessary, the escalation processes.
• Support the continuous tuning of the perimetral protection systems of the corporate resources (e.g: firewall policies, navigation profiles, etc ...).
• Support the analysis and collection of evidence in the fields of anti-fraud, anti-piracy and digital forensics.
• Monitor and analyse phishing emails reported by corporate users.
• Support the threat intelligence and threat hunting activities, in tight collaboration with the teams at local and Sky Group level.
• Definition and management of documentation related to playbooks to be used during the incident detection & response activities.
• Support the Cyber Security Architecture unit as subject matter expert (SME) in the security operation field (bringing knowledge and expertise in the development/review of Sky Italia services).

Requirements:

• Master’s degree in cyber security, Computer Science or Telecommunication Engineering (or equivalent experience of minimum 2-3 years).
• Proven experience in Security Operation Center activities, with a particular focus on cyber security detection & response field, with very good knowledge of cyber security platforms/tooling like SIEM, SOAR and TIP (e.g: MISP, …).
• knowledge of methodologies and frameworks in the security incident management area.
• Excellent knowledge of the operating systems (e.g.: Microsoft Windows, Linux RedHat/ CentOS, Unix).
• Good knowledge of communication networks, architectures, infrastructures and equipment in the Network Security area (Firewall, IPS, Balancer, WAF, VPN, etc ...).
• Good knowledge of Cloud architectures and platform/services (AWS, GCP, AZURE; Salesforce, …).
• Good knowledge of PKI and cryptographic infrastructures.
• Experience in managing endpoint protection architectures (next generation EDR/XDR), and Data Loss Prevention.
• Good knowledge of programming languages and reverse-coding of applications and malware.
• Specific security certifications like (one or more of the following) like: GIAC GCIH, GIAC GCIA, AWS Cloud Practitioner, GCP Cloud Engineer.
• Languages: italian, english (good+ professional level).

Soft skills:

• Ability to constructively and proactively interact with other departments (technical & non-technical), suppliers and stakeholders, respecting needs of each role.
• Flexibility, autonomy, speed; proactive and highly assertive candidate, with a strong goal orientation.
• Team working, troubleshooting e problem solving skills.
• Writing and verbal skills to communicate efficiently and provide elegant reporting at both technical and C-level.