Vulnerability Management And Platform Analystflexibel; Barcelona, Spanien; Madrid, Spanien; Por...

.ABOUT THE JOBAs a Vulnerability Management and Platform Analyst you will promote a security first culture at TUI.You will work with resolver teams to ensure that information security events and vulnerabilities are automatically generated, appropriately addressed and closed in local ticketing systems and ensure reporting on key performance indicators and service levels.Our information security team works in collaboration with business and IT teams across our many domains. You adopt a pragmatic and can-do' attitude in everything you do, partnering with your colleagues across the TUI businesses and IT functions worldwide.You build strong working relationships and influence others to do the right thing to Protect our Smile.Main ResponsibilitiesMonitor for alerts from security tools, including, but not limited to, security analytics platforms, automation tools, ticket management systems, user-reported alerts, and others.Triage security alerts, including initial analysis to determine the validity of alerts and gather additional context.Work the full incident lifecycle from detection, investigation, response, to remediation for security defects.Contribute to the further development, maintenance, and standardization of Security processes, policies, and procedures.Work with other IT / security teams to identify areas for improvement around detection, investigation, and response.Research common and topical commodity and APT-based malware tactics and techniques in preparation for future attacks.Tune security tools and minimize false positives.Assist Cyber Security Operations Lead to generate and execute on new ideas for content, technology advancements, and proactive defence improvement projects.Success MetricsMean-time-to-acknowledge.Mean-time-to-respond (MTTR) by alert severity.Process adherence.Recurring incident ratio.ABOUT YOUDemonstrable deep experience of design and build of systems integration, ideally in a security operations environment.Strong technical and IT operations background, with at least 5 years of experience.Experience of working with Splunk or similar SIEM platforms, Vulnerability Management applications, Service Desk systems and security monitoring tools desirable with experience in designing and developing these platforms.Familiarity and experience with Windows, macOS, Linux, and Unix operating systems.Computer networking and cloud technology fundamentals.Understanding of Active Directory, LDAP, IDaaS (AAD etc.).Rudimentary security knowledge and awareness of firewalls, proxies, antivirus, and IPS / IDS concepts.Experience scripting in Python or PowerShell.Experience using Microsoft Excel and Word.Excellent written and verbal communication skills.Good interpersonal skills so that you can work well with and influence your information security, and IT operations colleagues from around the world.Empathy to respond with understanding and care in the event of a security incident