As a Security Analyst, you will be responsible for the operationalization of new security platforms in order to enable the Security Operations Center to stay ahead of emerging and current threats. They will utilize data analytics, threat intelligence, and your experience to leverage new and existing technologies to build the use cases that drive security analytics and incident response. They will get hands-on with new and exciting technologies to help drive the direction of security capabilities.
Security Analyst Job Responsibilities:
• Developing and maintaining security monitoring and response processes.
• Doing incident analysis in detail and solution mapping with the knowledge base
• Ensuring quality call handling and call escalation by adhering to SLA
• Responsible for SOC tool's monitoring, maintenance and licenses management
• Development of Use cases design, reports analysis, and further enhancement
• Proactively reviewing and operationalizing threat intelligence in order to create alerts to detect techniques, tactics, and procedures employed by threat actors
• Responsible for Incident management and change management process handling
• Maintaining current knowledge and understanding of the threat landscape and emerging security threats.
• Sharing knowledge and providing training to Level-1
• New devices integration and use cases creation
• Using Threat Intelligence to identify infected/affected systems and the scope of the attack
• Responsible for advanced Threat hunting and forensics
• Tracking, reporting, and controlling incident communications with other teams
Required Candidate profile Security Analyst Qualifications/ Skills:
• Having an understanding of SOC and Incident Response practices and methodologies.
• Expertise using one or more SIEM products Splunk, ArcSight, Qradar etc
• Expertise in troubleshooting technical issues in Splunk SIEM solution
• Technical knowledge of networking protocols and Internet security
• Experience with endpoint security analysis on Windows, Mac, and Linux event data and related tools.
• Understanding of security technologies, including UEBA, SIEM, IDS/IPS, firewalls, endpoint security, content filtering, and packet inspection
• Understanding of cloud computing and security issues related to cloud environments
• Analytical skills and ability to identify advanced threats
• Good knowledge and experience with threat hunting and forensic analysis
• Root cause analysis experience, getting to the root cause, problem-solving
• Good knowledge of Windows and Linux
• Strong written communication skills and presentation skills
Security Analyst Preferred Certification:
• Graduate: BE/BTech or equivalent
• SIEM technology certified (one or more): ArcSight, Qradar, Splunk, etc.
• Splunk Core Certified Advanced Power User will have added advantage
• CHFI certification will have added advantage
- Salary: $150000 - $200000
- Citizenship: Top Secret
- Incentives: Stock Options
- Education: Bachelors Degree
- Travel: Not Provided
- Telework: Hybrid Telecommute