Generali is a major player in the global insurance industry, a strategic and highly important sector for the growth, development and welfare of modern societies.
GSS provides shared services to the Generali Group companies, with its Head Office in Italy and 5 branches in other European countries, with a total staff of about people.
The Blue Team Unit is in charge of the detection, containment, management and mitigation of vulnerabilities, security threats and security incidents.
The main tasks are:
- Identify the events that could lead to loss or disruption of operation, service or function within the organization, also using early warnings received from the Group Security Intelligence
- Analyze the security incidents identified by the SOC, examine the critical issues in depth and monitor the remediation to be undertaken
- Proactively identify possible threats by performing threat hunting activities
- Define the priority of incidents to determine the appropriate response and course of action to be taken to manage the incident effectively to conclusion
- Limit disruption and its consequences and return to business as usual
- Support, monitor and control the mitigation / resolution activities undertaken
- Execute the escalation process when an incident becomes a crisis / emergency
- Provide structured ex post analysis of the detection or resolution of the event
- Perform forensic analysis on infected assets
- Report and present the results of the analysis in both oral and written form

It could also be requested to support the team in performing the other tasks of the Unit:
- Monitor all the security events, detecting, containing, managing and mitigating through the SOC
- Support GHO Security Intelligence activities in order to develop and manage the Security Intelligence tools, feeds and platforms
- Support GHO IT Security to define a set of possible attacks (use cases), assessing the probability, the potential harm and the priority of identified attacks and thus minimizing the risk involved
- Manage, test and evolve the Security Operation Center
- Execute the vulnerability management process, performing periodical vulnerability scans, tracking the remediation and coordinating the patching

The ideal candidate will meet the following requirements:
- STEM degree-level education (Science, Technology, Engineering or Mathematics) with a strong passion for cyber security
- Knowledge of SIEM technologies (QRadar, Splunk, ) and Big Data tools for analytics
- Strong understanding of the security implications and investigation methods for the most common IT components: network infrastructure (routing, switching and firewalls), security infrastructure (IPS, WAF, AV), OS knowledge (Linux / UNIX and Microsoft Windows, client and server), core infrastructures (Active Directory, Exchange, DNS, DHCP), full stack web services infrastructure and technologies involved (front-end to back-end)
- Analysis of network captures and knowledge of TCP/IP and network protocols
- Forensic analysis experience
- Experience in at least one of the following programming languages: Python, C, C++, Java

Nice to have: Certifications in Information Security (CISSP, GSEC, CEH, CSX, CHFI, etc.)

- Demonstrated ability to work effectively as part of a team
- Excellent written and oral English language skills
- Advanced problem solving and analytical.
- While everyone is running around shouting "the system's dead", the ideal candidate for Incident Responder in GSS Blue Team should have the sense and skills to rationally figure out why
- Great attention to privacy and confidentiality when managing critical information
- Great sense of information classification and ability to understand the right level of disclosure in each situation
- Pugnacity, tenacity, imagination, judgment and resistance to stress are also key qualities in that job
- Ability to work under pressure in a mission critical scenario and to deal with different kinds of stakeholders (role, culture, language, skills)
- Proactivity,