Incident & Threat Response Specialist


Job Description
We’re looking for highly motivated and experienced individuals, with a demonstrated history of working in the field, to join our growing Group Cyber Defense team. These roles cover specializations and involve tasks associated with the execution and continuous improvement of a wide range of technical Cyber Security disciplines, such as cyber threat intelligence, incident response and forensics investigation, malware reverse engineering, SIEM/SOC management and security analytics.

The candidate will be involved in the following activities:

Managing response and mitigation activities to relevant Cyber Security threats, incidents and attacks at Group level
Monitoring and detecting Cyber attacks and threats through the development of a Security Operation Center (SOC) at Group level
Coordinating advanced threat-intelligence-based ethical red and purple teaming activities at Group level, according to the applicable regulations (e.g. TIBER-EU)
Defining and maintaining the Group Cyber Incident Response technical measures, standard and framework, driving their implementation at Group level

The ideal candidate has skills, and can demonstrate solid practical hands-on experience, in most of the following areas:

Understanding of the life cycle (so-called “Kill Chain”) of cyber security attacks, understanding of intrusion set tactics, techniques and procedures (TTPs) and experience in designing and developing detective controls / use-cases along the Kill Chain
Ability to understand and perform analysis of security events in central tools (e.g. SIEM, Syslog) and practical experience in working with some of the main commercial tools (e.g. Splunk, QRadar)
Solid understanding of network protocols and technologies, and ability to perform traffic analysis with common tools (e.g. Wireshark, TCPDump)
Proficiency in creating and customizing automation tools using multiple common programming / scripting languages (e.g. Python, PowerShell, Bash, Perl, Ruby, PHP)
Ability to perform static and dynamic malware analysis and reverse engineering, with commercial and open-source tools (e.g. Cuckoo Sandbox, YARA, VirusTotal)
Solid understanding of EDR concepts for performing threat detection / response and forensics analysis, and experience in working with some of the main commercial tools (e.g. CrowdStrike, ATP Defender, Cortex)
Knowledge of typical core security prevention and detection tools (e.g. FW, IDS, WAF, AV, proxy) and ability to perform analysis of related security events and logs

The ideal candidate will meet the following requirements:

Bachelor’s degree, preferably in Computer Science and Engineering, or comparable training with professional experience in the relevant area
Certification related to technical security (e.g. GIAC, OSCP, CEH) and willingness to pursue continuous further qualification in relevant topics
Ability to work in large international projects related to strategic topics and transformation initiatives
Demonstrated ability to work effectively as part of a diverse and cohesive team of technically interested colleagues
Demonstrated enthusiasm for Information Security (e.g. GitHub repo, blogs, presentations, conference talks, participation in free skill-building / hacking challenges)
Strong analytical and communication skills, and out-of-the-box thinking with a problem-solving mind-set
Solid work experience in a global organization
Excellent written and oral knowledge of, and fluency in, English

Company Profile
The security of customers’, employees’ and commercial partners’ data, and the continuity of our business services and activities, are among the most important priorities of Generali. We are proud to have our own in-house team of Cyber Security experts who take care of the continuous defense of Generali, covering both the preventive protection of products and projects and the detection of and defense against hacker attacks, ensuring a coordinated response to the increasing cyber security threats.

Generali is a major player in the global insurance industry – a strategic and highly important sector for the growth, development and welfare of modern societies.

Generali is proud to be an inclusive employer that considers applicants regardless of gender, gender identity, sexual orientation, ethnicity, disability, religion, political views, marital status or philosophy of life.

If you have a disability or special need that requires accommodation or assistance, we will support you during the selection process.