Looking for job opportunities within the cyber security field is not always easy as industry needs are pretty high so going through different job ads can be both confusing and time-consuming. Keeping that in mind, while we are looking for all levels of security analysts/ engineers/ architects/ consultants, we decided to make it as easy as possible for you. We decided to give you a (not so) short overview of the main areas we cover when it comes to cyber security in Span and all of the options you have considering your seniority.
If you want a junior or a mid security role, we are most likely to talk to you about our Security Operations Center where we have two levels of security support.
If you have very little to no experience within the security field but you do understand the basics of IT infrastructure (AD, windows/Linux, web applications, databases) and you also have a lot of passion and desire to learn and grow, you are the ideal candidate for Level 1 in our Security Operations Center-SOC. You will be working on triage, analysis, investigation, and handling of security events and alerts as well as on detection of potential security threats. When you get to the part you no longer feel comfortable with, your colleagues from L2 will take over.
Level 2 in SOC is dealing with the advanced investigation and detailed analysis of security alerts and incidents. Also, giving recommendations for remediation or system reconfiguration. They manage and support the log collection, as well as work on security scanning, intrusion detection, and content filtering. In case you already have experience with SIEM, EDR/XDR, WebContent filtering, Antivirus, and vulnerability scanner, you could be a perfect fit for Level 2!
For those who are looking for mid to senior security roles and already have a clear direction they are heading, we have teams that are more specialized and are working on a project basis.
Red Team is working on offensive security which includes penetration testing, phishing activities, attack assessments, and vulnerability assessments. If you are familiar with this and want to continue to develop your career and help us build up team expertise, this is for you!
Blue Team is conducting defensive security activities such as incident response handling, digital forensics, root cause analysis, preventing the recurrence of security incidents, and threat hunting. If you are more on the blue side, even if it’s with a pinch of purple, you might want to talk to our experts who have successfully resolved major and challenging cyber security incidents.
Security Administration/ Engineering is for you if you are a system administrator/engineer and you want to work with implementing security tools and technologies while building your career towards security architecture, you might consider this path. Especially if you have experience with some of the following: cyber security assessments, SIEM, SOAR, PKI, MFA, PAM, UEBA, and security solution design/ consulting.
As you can see, there are a lot of options, many different career opportunities and we didn’t even mention roles such as Information Security Consultants who are helping customers to detect key information to protect and provide recommendations accordingly. And last but definitely not least, Incident Response Managers who are there through thick and thin, handling and staying on top of the most stressful situations during cyber security incidents.
Even though this may seem like we have strong distinctions between all these aspects, in everyday practice, there is a lot of communication, cooperation, and knowledge sharing between all these teams. We make sure we use all the knowledge we have to protect our customers, get to the right solution, and help each team member to build up the expertise of their choice. That’s right! This wide spectrum of security solutions and services we offer to customers is allowing each team member to choose the area and direction they want to professionally develop. This includes certificates, cooperation with top experts, learning (a lot!) from them, and let’s not forget- hands-on experience with real security threats, cyber-attacks, and THE teamwork spiced with a lot of enthusiasm and adrenalin!
An important note at the end - all levels, no matter if you are a security junior or a well-recognized senior, you will have a dedicated mentor who will help you get on board as easily as possible.
Make a difference. Use your power for good and make the world a safer place. Each day!
*For L1 & L2, the job Location is Zagreb. Also, L1 includes shifts which means you get to avoid rush hour! Other levels are available for work from anywhere :)