Job Location : Luxembourg
Ferrero is a family-owned company with a truly progressive and global outlook and iconic brands such as Nutella®, Tic Tac®, Ferrero Rocher®, Raffaello®, Kinder Bueno® and Kinder Surprise®.
As the love for our brands continues to grow, so too does our global reach. Represented in 55 countries, with products sold in more than 170, the Ferrero Group is loved by generations around the world.
The secret to our global success? Nearly 35,000 dedicated employees who celebrate care and quality to craft a business, careers and brands we are proud of.
Join us, and you could be one of them.
About the Role :
For our HQs in Luxembourg, we are looking for a Cybersecurity Threat Hunter whose focus will be to proactively analyze data to identify symptoms of any negative influence on Ferrero processes and act on them.
This is a full scope counter intrusion operations responsibility.
The incumbent will be part of the Global Advance Cyber Defense Center (ACDC) and will be responsible for unstructured and structured data analysis, looking for any patterns, TTPs and IoCs to identify an intrusion or breach.
While triage is a critically important aspect of the classical incident response approach, the Threat Hunter will be hunting from one system to another to look for any symptoms of a threat, instead of waiting for the threat to come to him or her.
Hunting comprises all functions, from supporting the classical SOC, through triaging any sign of a threat in distributed and / or centralized environments, attributing indicators to threat models, performing forensic analysis to understand the cause and effect, updating the data science models, tuning detection mechanisms and managing recognized incidents, to finally interacting with the threat to either watch-and-learn or act on it immediately.
The job requires an interdisciplinary approach that combines interaction with tools (technology), people and multiple processes to minimize the risk due to cyber threats while simultaneously minimizing the effort.
Main Responsibilities :
Analyzes structured and unstructured data from decentralized and centralized, formal and informal sources to understand causes, means, symptoms and effects of any event that may be relevant to the cyber security of the Ferrero mission;
Executes the following sub-processes : hunt and triage, host-based and network-based forensics, containment and eradication, indicators analysis and propagation, interaction with any available tools, data science analysis, incident management, threat modeling;
Assists in classical incident response activities such as host triage and evidence preservation, remote system analysis, end-user interviews, and support on remediation efforts;
Decides either to watch and learn or act immediately on new indicators;
Synthesizes and documents observables;
Develops tools and models for improved analysis;
Development of data science models and capabilities (API, data curation, filtering, data summarization, etc.);
Automation of hunting traps, correlation rules, filtering, intelligence gathering and processing;
Participation in general Information Security developments;
Coordinates with IT, OT and Cyber Security to develop appropriate countermeasures based on the analyzed present and historical situational awareness to strengthen the Ferrero System.
Who we are looking for :
Master's degree in Information Technology or other related fields (higher degree in technical sciences, social sciences or general science);
Familiarity with, and 4-6 years of work experience across, all parts of cyber defense functions : classical reactive SOC and Incident Response, contemporary Threat Hunting, Crisis Management, Forensics, Network Security Monitoring, Indicators Analysis, etc.
Past and similar responsibilities related to roles : SOC Operator, SOC analyst, event analyst, project manager, first responder, forensics investigator, threat hunter, incident responder, incident coordinator and similar.
In-depth understanding of intrusion detection, threat hunting, incident management and triage processes;
Knowledge and experience in :
working with the Cyber Kill Chain Model, Diamond Model, MITRE ATT&CK Matrix and similar;
scripting (PowerShell, Python, Bash, etc.) and custom databases;
Team and collaboration orientation;
Problem solving and performance driven;
Effective communication skills;
Enthusiasm and commitment to excellence with a result-oriented approach.
IT & Other Skills :
Proficiency in MS Office skills; advanced in Excel;
Professional Certifications that will be considered a plus :
FOR508 : Advanced Incident Response & Threat Hunting
FOR572 : Advanced Network Forensics : Threat Hunting, Analysis, and Incident Response
FOR578 : Cyber Threat Intelligence
SEC503 : Intrusion Detection In-Depth
SEC504 : Hacker Tools, Techniques, Exploits, and Incident Handling
SEC511 : Continuous Monitoring and Security Operations.
Language Skills :
Fluency in spoken and written English;
Knowledge of any other European language will be considered a plus.
We offer :
An international and challenging working environment;
An attractive salary package.
How to be successful in the role and at Ferrero :
Consumers, quality and care are at the heart of everything we do. So, to be successful at Ferrero, you’ll need to be just as consumer- and product-centric as we are, dedicated to crafting brilliant results for consumers around the world.