MSC Mediterranean Shipping Company is a global leader in the shipping and logistics sector.
Founded in 1970 and headquartered in Geneva, Switzerland, MSC is a privately-owned organisation driven by the Aponte family.
Evolving from a one vessel operation, today MSC is a globally respected business with a fleet of 560 vessels and more than 70,000 staff.
With an international integrated Network of road, rail, and sea transport resources - the company prides itself on delivering global Service with local knowledge.
Represented in 155 countries, MSC ensures that shippers can talk directly to our representatives, as well as using a variety of e-business solutions for digitalised cargo bookings.
Responding to the needs of our customers, MSC is a major driving force behind the evolution of smart containers in our industry, helping to set the standards for digital shipping.
The Global Information Technology (IT) Department of Mediterranean Shipping Company (MSC) is actively working on rationalising and streamlining the diverse technological landscape within the Group.
This ongoing initiative bears many aspects and lead to many projects mobilising the overall workforce of the company.
**Security Analyst**:
Within the Security Operations Center and under its governance, the Security Analyst mission is to protect information assets and detect, analyse and respond to security information and events.
Security analysts should also ensure that the correct training is in place and that staff can implement procedures and policies.
Security analysts work together with internal IT staff and business administrators to communicate information about security limitations and produce documentation.
- Monitor, detect and respond to external and internal Cyber-attacks with processes, procedures, tools in place
- Detect weaknesses, and propose processes, procedures, tools to remove or mitigate them
- Install, Secure, Operate and troubleshoot Security solutions
- Industrialise processes, executed by Security operators
**KEY RESPONSIBILITIES**:CONTRIBUTION**:
- Build security alerts, dashboards and reports to support ongoing threat management activities
- Build and or operate security solutions, either technical or services.
- Conducting security audits
- Research new threats and build appropriate detective and protective measures
- Develop anomaly detection patterns across a broad range of technology and log sources
- Administer and support log platform
- Continuously improve existing data sources and on boarding of new data sources into central log infrastructure
- Assist management with the execution of information security strategy and road map
- Stay current with emerging technology trends and tools
- Collaborate with all IT team's expert, and customers to ensure proper integration of solutions within MSC security policies
- Maintain proper documentation and training materials.
**ADDITIONAL RESPONSIBILITIES**:
- Provide timely, complete and accurate responses to the Security Operations Center Manager questions and inquiries in a positive and constructive manner
- Complete ad hoc tasks and projects as required by the Company
- Incorporate good practices and quality processes in activities and Projects
- Participate in the promotion of the IT security good practices and policies among the business.
**LOCATION**:
Position to be filled in Torino, Italy
**QUALIFICATIONS AND EXPERIENCE**:
(P) = Preferred, (R) = Required
**General**:
- Five years' experience in IT Security Position (R)
- Degree in Computer Science or related technical degree (R)
- Must be team oriented and at the same able to work with limited supervision (R)
- Ability to identify priorities and ensure that work is completed within timeframes (R)
- Strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler (R)
- Security Certifications (CISSP, CISM,) (P)
- Ability to maintain a steady sense of calm during tense situations (P)
**Technical**:
- Security components (firewall, WAF, log management, NAC, IPS, IDS, HIDS, SIEM ) (R)
- IT infrastructure background (R)
- Working knowledge of networking, secured communications (R)
- System/Application vulnerabilities and exploitation (P)
- Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques (P)
**Other**:
- MS Office Products (R)
- Fluency in English (oral and written) (R)