Cybersecurity Analyst

Location    Stockholm, Sweden

Ava is a global technology company with offices in the UK, Norway, and the USA. We exist because we believe that we can create a better, smarter way to deliver security.

We inject intelligence into our approach to security and all our solutions. We help organizations see, understand, and act on their surroundings to protect their people, business, and reputation in real time.

We founded Ava Cyber in 2016 and Ava Video in 2018, and the two companies merged in 2020 to become a unified security provider with extensive capital investment from Ubon Partners.

Responsibilities

  • Using the Jazz Solution to review the latest alerts and determine relevance and urgency
  • Responding to and investigating alerts (performing a broad range of intrusion/insider risk analysis and/or intrusion or insider risk detection tasks using an analytical and systematic approach)
  • Liaising with customers to detail investigation outcomes and recommend quick and effective remediation actions (be involved in incident response, event handling and work around attack analysis)
  • Developing and executing a crisis communication plan for the CISO and other stakeholders
  • Producing reports on vulnerability research, security analytics, threat analysis, and digital network forensics
  • Assisting in the definition of analysis procedures and protocols
  • Contributing to the continuously evolving Jazz Solution (identifying solution improvements and new Machine Learning features and working with R&D to add those to the product)
  • Leading small projects as needed
  • Leading threat hunting workshops and contributing to the related daily business tasks
  • Creating and maintaining operational reports for Key Performance Indicators and weekly and monthly metrics
  • Troubleshooting and helping isolate issues with customer Jazz deployment
  • Writing white papers and blog posts on identified and resolved security threats (with client permission)

Qualifications

  • 2 years' experience in a Cyber Security/SOC-type environment or a similar industry role
  • A good understanding of multiple operating systems, networking, security network devices, databases and SIEM tooling
  • Bachelor's degree in Computer Science (or a similar qualification)

Essential skills

  • Excellent knowledge of intrusion detection and prevention principles (deep TCP/IP knowledge, and cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
  • Ability to read and understand packet-level data
  • Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc.)
  • Host Security Products (HIPS, AV, scanners, etc.)
  • Solid grounding in Protective Monitoring, Security Device Management, CIRT and Threat Intelligence with demonstrable security incident response experience
  • Knowledge of various types of attacks, as well as a strong knowledge of infection vectors and indicators of an infection
  • Good understanding of a range of network and other protocols such as TCP/IP, HTTP, DNS, ARP, DHCP, SMTP, FTP, Telnet, IRC, LDAP, SSL
  • Knowledge of tcpdump, Wireshark, Snort, and/or other security tools highly desirable
  • Good written and oral Swedish and English. Ability to write reports and present to technical and non-technical stakeholders up to and including board level
  • Ability to work in a team with good communication skills
  • Exposure to vulnerability assessment as well as penetration testing or forensic analysis is an advantage
  • Industry-recognized certifications, e.g. CISSP, GCIA, GCIH, GCFA, GCFE, etc.
  • Familiarity with data visualization tools and penetration testing tools

All potential employees will undergo stringent reference and identity checks. 

Offer

  • Full time
  • Competitive salary 
  • Additional company benefits based on location