SOC Analyst

Production Operations Bangalore, India


Description

Security Analyst:

The Role:
----------------------
You will be working in a positive, supportive, team-centric environment
with other Security analysts who are responsible for ensuring that the
company's systems , network, applications and digital assets are protected
from unauthorized access. This includes securing both cloud and on-premise
infrastructures, weeding through metrics and data to filter out suspicious
activity, and finding and mitigating risks before incidents occur. If an
incident does occur, security analysts are on the front line, leading
efforts to counter the attack. You will identify and resolve security
incidents and design supportable technical solutions which protect the
availability, integrity, and confidentiality of sensitive information and
assets and directly support compliance with SOC2, PCI, SOX and PII
regulations.

Responsibilities:
----------------------
Overseeing security event monitoring, security incident report
investigation, and incident handling.
Work closely with NOC team and help us build SOC tier1 framework.
Providing forensic analysis in support of investigations and the CDOC team
when needed
Creating and maintaining rules, filters, dashboards, and reports in SIEM
system to identify malware activity, misconfigurations, and/or anomalies
Researching the latest information security trends to understand the
latest vulnerabilities and threats
Conducting strategic analysis of existing, new, and evolving network
security technologies
Providing subject matter expertise to IT Compliance during IT internal and
external audits
Developing minimum standards and baselines to define required security
controls and settings on all servers, commercial applications, and
networks
Assessing security risks to the organization's information and
communications systems
Designing, deploying, and supporting Security Solutions

Requirements:
----------------------
Knowledge of vulnerability scanning using the Tenable Nessus system or
other equivalent network vulnerability assessment tools
Experience with one or more security product sets from the following: Palo
Alto, Cisco, Tenable, Extrahop, Splunk, Akamai KSD,
Working knowledge with SIEM tools like Splunk, Archsight, SIEMonster,
extrahop, netflow, wireshark etc..
Experience in malware analysis and remediation, and forensic analysis and
remediation
Troubleshooting and configuration abilities with excellent TCP/IP
networking skills
Awareness of Internet/Network Security technologies - firewalls, VPN, IDS,
IPS, proxies, WAF, etc.
Solid understanding of the underlying LINUX/UNIX and Windows OS security
architecture
Ability to develop, describe, and communicate Security Baselines and
Policies
Excellent communication and technical documentation skills

Good to have:

----------------------
Any industry standard certification such as Security+, CEH, CCNA Security
would be a great plus but not mandatory.