Generali is a major player in the global insurance industry – a strategic and highly important sector for the growth, development and welfare of modern societies.
Over almost 200 years, we have built a multinational Group that is present in more than 60 countries, with 470 companies and nearly 80,000 employees. Our Group aims to become the standard bearer and industry leader in the European retail insurance market, building on our existing base of 50 million retail clients, out of an overall total of 72 million.
GSS provides shared services to the Group companies, with its Head Office in Italy, branches in 5 European countries and a total staff of about 1,000 people. Within the Chief Security Office Division, we are looking for a Security Operation Centre Specialist, who will perform the following activities:
SIEM administration and optimisation activities:
- Develop and support central SIEM infrastructure deployed across company sites
- Perform log source integration and management, providing analysis and trending of security log data from a large number of heterogeneous security devices
- Provide Incident Response (IR) support when analysis confirms an actionable incident
- Investigate, document, and report on information security issues and emerging trends
- Act upon threat intelligence provided by the Cyber Threat Intelligence function
- Respond to Information Security related queries
- Mentor and train junior analysts to enhance the overall technical skill-set of the SOC, establish analytic discipline and critical thinking, and promote greater curiosity – thinking "outside the box"
- Investigate IOCs provided by Cyber Threat Intelligence or the Cyber Hunter function
- Support incident handling, encompassing multiple functions: detection and identification, incident triage
- Actively support the project mission, providing solutions, skills and experience
- Provide support during internal and external audit activities
- Integrate and share information with other analysts and other teams
- Actively interact with the SOC Level 1 team and the CERT team on a daily basis, providing support and improving the quality of the services
The ideal candidate will meet the following requirements:
- Expand, tune, and enhance SIEM rule-sets to identify security incidents and reduce false positives
- SIEM maturity assessment
- Support in on-boarding activities of new customers or company branch offices
- Support architecture changes and design reviews
- Develop custom parsers
- Develop and maintain custom reports
- Develop and maintain a use case factory
- Strong expertise and experience in enterprise Cyber Security environments and Security Operation Centres
- Advanced knowledge of an enterprise SIEM platform (IBM QRadar preferred)
- Working in an 8x5 Security Operation Center (SOC L2) environment