Cyber Security Expert

Company Description

We are an equal opportunities employer and place where everyone is welcome. We strongly encourage people from minority backgrounds, LGBTQIA+, parents, and individuals with disabilities to apply. If you need reasonable adjustments at any point in the application or interview process, please let us know.

In your application, please feel free to note which pronouns you use (For example - she/her/hers, he/him/his, they/them/theirs, etc).

We’re one of the world’s largest privately owned real estate tech companies and a subsidiary of Axel Springer. Our mission is to unlock everyone’s perfect place!  Some of Europe’s best known digital real estate marketplaces and brands form part of our Group, they are: 🇫🇷 Meilleurs Agents, 🇫🇷 Groupe SeLoger, 🇧🇪 Immoweb, 🇩🇪 Immowelt, 🇪🇸 Housell and 🇮🇱 Yad2.

We also invest in innovative business models which shape the future of how people buy, sell, rent or lend properties and hold minority participations in companies such as: 🇬🇧 PurpleBricks, 🇩🇪 Homeday, 🇺🇸 Zumper and 🇺🇸 Parcel.

Our ambition is to be the leading Employer in PropTech across Europe and this is a pivotal time to join us as we embark on this journey enabling us to help unlock everyone’s perfect place!

Job Description

This role is based in our CyberSecurity Team at AVIV

Reporting directly to the Head of CyberSOC, the Cybersecurity Expert contributes to cybersecurity surveillance operations and threat intelligence by building and running a whole ecosystem to monitor and protect the information systems. 

The person hired will be responsible for providing expertise on the implementation and design of innovative technical cybersecurity toolsets and solutions, alongside providing support on highly complex incident response activities.

They will join a team of experts with diverse profiles and skills to promote knowledge exchange and the internal incubation of new ideas and practices. In this hands-on role, the post holder will proactively look to improve the overall CyberSOC capability and analysis workflow.

This will incorporate working with the required key stakeholders to extract the complete capability from all CyberSOC toolsets and streamline the analysis workflow to drive efficiencies into the CyberSOC ways of working.

The Cybersecurity Expert effectively engages with required key stakeholders to ensure the platforms that the CyberSOC relies on are optimised, robust and continuously evaluated to utilise the complete capability associated. The Cybersecurity Expert may also have to carry out interesting activities. The CyberSOC is a new function in the organisation which is to be built from scratch.

WE ARE LOOKING FOR AN INDIVIDUAL WHO CAN:

• Contribute to building and running the company’s CyberSOC;
• Conduct research, analysis, and correlation across a wide variety of all source cyber threat data sets (indications and warning);
• Research, identify, and verify new cyber threat adversary tools, tactics, and processes (TTPs);
• Performs detailed analysis of cyber threat adversary and develops recommendations for countermeasures, performs threat intelligence reporting;
• Contribute to coordinated response to complex Cyber-attacks and internal investigations, Act as a technical advisor;
• Contribute to the advancement of the Company’s vulnerability management program to ensure consistent identification, analysis, response, and monitoring of cybersecurity threats, events, and vulnerabilities;
• Contribute to the development of the Identity & Access Management (AWS environment) program
• Contribute to the Endpoint Protection program
• Contribute to the security tools and continuous monitoring program
• Report any identified threat to the CISO and propose mitigation strategies
• Contribute to building and running the company’s SIEM;
• Perform penetration testing on the company’s assets (applications, platforms, infrastructures) and propose remediation measures;
• Assist in the execution of company’s Cybersecurity security program;

Qualifications

AN INDIVIDUAL WHO HAS :

• Several years of information security experience is required with a proven track record including a good foundation in an cloud environment;
• Deep understanding of cloud technologies and architectures (AWS environment);
• Deep understanding of AWS IAM Policies;
• Experience in hunting, monitoring, analysing, and responding to infrastructure threats;
• Well experienced with Zero-Trust methodologies with a proficient understanding of advanced attack methodologies, including living off the land techniques and TTPs outlined in MITRE ATT&CK framework is beneficial;
• Have technical experience in some of the following areas: Endpoint Detection & Response, IAM, EDR, Firewall, Proxy, Sandbox technologies, Threat Hunting;
• Demonstrated experience working as an Analyst in a CyberSOC/CERT (4+ years) or in the development of security solutions related to these areas;
• Demonstrated experience responding to and participating in efforts to remediate incidents;
• One or more AWS certifications would be a plus;
• Hacking certifications would be a plus (CEH, OSCP, GIAC Penetration tester…).
• Fluency in English (French, German or Dutch is a plus)

Additional Information

• We are one of the leading PropTech platforms in Europe. If you’ve ever rented or purchased a property then you may have used one of our classified portals.  This is a great time to join us to help elevate our AVIV brand.
• A high visibility role in our organisation reporting into our Head of GRC.
• The opportunity to work hybrid within our operating footprint with international travel to our locations in France, Belgium and Germany.
• The autonomy to work in a style which suits you to be the most productive
• The freedom to tell us which tools you need to be successful in your job so we can set you up to make it happen.