Security Services Agent san Diego - San Diego, United States - ESET, LLC

Description

The Security Services Agent (SSA) is a skilled technical support engineer with 2+ years of experience in IT security. This position requires practical experience with security-related components of ESET business products.
Job description

This position requires a working knowledge of ESET Enterprise Inspector, understanding of security architecture across platforms, and experience resolving security/malware incidents.

In addition to completion of ESET's Security Services curriculum, formal certifications such as CompTIA Network+ and CompTIA Security +, MTA, MCSA etc., are highly desirable.

The SSA delivers a high quality of work and requires only modest supervision. This role requires a high level of autonomy in processing service tickets, threat monitoring and threat hunting. This role is expected to provide guidance on security/malware-related questions to the Technical Support organization.

This role reports directly to the Director of Technical Support and takes guidance from the Security Services Lead.

This position requires adaptability and the poise to request help should the agent encounter a situation they are not familiar with.

The SSA should place emphasis on expanding their knowledge of the IT security field as well as ESET products, processes, and services, with special emphasis on Enterprise-tier products.

• Demonstrate an exceptional standard of quality of work
• Maintains and consistently demonstrates knowledge of company guidelines, processes, practices, and procedures; specifically, knowledge of ESET service delivery processes
• Respond to and report questions, concerns, and requests on a 24x7 basis
• Become familiar with all supported ESET business products (including EEI) and their inner workings (mainly configuration, detection, blocking, protection layers, cleaningoriented features, etc.) as well as ESET security services offering, familiarize with ESET business products before their release
• With support of the employer, persistently look for education opportunities in the field of IT security and undergo advanced IT security trainings
• Respond to and solve basic and advanced security support related tickets in accordance with the defined procedures and if needed assist L3 to solve the ticket in question
• Schedule and work on remote sessions with customers
• Adhere to defined processes and communication standards while providing support to customers
• Perform security optimization of the threat monitoring system in the assigned environments
• Perform security monitoring and hunting services for assigned customers or environments
• Perform basic analysis of security threats and evaluation of the data about potential threats
• Prepare reports and communicate incidents to the customer
• Provide consultations to the customer and offer cyber security recommendations
• Adhere to defined processes and communication standards while providing support to customers
• During downtime, this role transitions to assist Business Technical Support

Skills:

• Experience with tools for communication with customer and its environment (ticketing system, remote access, etc.)
• Advanced understanding of operating systems (Windows, macOS, Linux), including concept of file system, processes, services, registry, scheduling, etc.
• Advanced understanding of ESET business products, logs and log collection, and protection layers
• Understanding of and intent to expand knowledge of malware: threat types (phishing, ransomware, financially motivated malware, spyware, backdoor, botnet, etc.)
• Understanding of malware detection: false negative and false positive
• Understanding of cyberattack anatomy and ability to identify attacks
• Understanding of security hygiene concepts
• Understanding of concept of IOCs, TTPs, files, file types, file hashes, URLs, domains, IPs
• Advanced understanding of computer security incident handling
• Advanced understanding of networking (IP address, port, protocol, MAC address, etc.)
• Ability to keep up with trends and new developments in cyber security field (e.g. new types of attacks, new protection measures in ESET business products or in general, etc.)
• Ability to do analysis of issues reported by customers and provide solutions based on previous experience or known/defined procedures or tutorials.
• Ability to reproduce problems on controlled environment and do basic root cause analysis
• Experience with forensic tools (data collection)
• Ability to perform basic forensic analysis based on previous experience or known/defined procedures or tutorials
• Ability to perform basic DFIR assistance based on previous experience or known/defined procedures or tutorials
• Experience as SOC analyst or with security monitoring of computer environment, analysis of suspicious behavior and evaluating outputs from systems for security monitoring (EDR, SIEM, etc.) is an advantage

PERFORMANCE MEASURES:

• Must keep scheduled meetings, calls and followup requests
• Must provide so