Senior Analyst - SOC | Japanese Multinational E-commerce Retail Company | 6-9 years (BB-16262)
Found in: Neuvoo IN
-Able to work in 24/7 shifts.
-This role requires being available on call during weekends and off hours.
-Perform incident response of cyber security events as part of a highly available Security Operation Center (SOC)
-Ability to read, investigate, evaluate and interpret security related logs from disparate sources
-Create and review alerts generated by the SIEM (Splunk/Niksun) for false positives; modify and optimize alerts.
-Act as tier III point of escalation for associate level analysts
-Mentor associate level analysts in alert analysis and response
-Able to summarize relevant security related alerts and incidents for consumption by tier III escalation team as well as other departments
-Review, develop and update detailed operational processes, procedures and playbooks to appropriately analyze, escalate and assist in the remediation of information security related incidents
-Integration of new log data sources into the SIEM (Splunk/Niksun), from architecture to parsing of new data sets
-Provide expertise regarding the administration, maintenance and optimization of the SIEM (Splunk/Niksun) platform
-Analyze and remediate malicious events and evaluate effectiveness of current security technologies and architectures
-Develop advanced queries and alerts to detect adversary actions
-Provide expert analytic investigative support of large scale and complex security issues and incidents, update playbooks and other procedures
-Create and/or contribute to incident and root cause analysis reports
-Research and educate self on existing and emerging cyber-attacks that could impact the organization.
-Perform threat hunting, malware analysis and penetration testing.
-Research and explore the enrichment and correlation of existing data sets to provide deep threat analysis.
-Contribute and/or drive special projects by providing expertise, guidance and leadership.
-Perform and/or interpret internal and external vulnerability scanning
-Bachelor's degree in Information Technology, Computer Science or Engineering.
-Master's degree in cyber security/information security or computer science preferred.
-Minimum of 5 to 8 years of prior experience as a SOC Analyst.
-Direct prior experience with core security technologies (firewalls, IDS/IPS, HIPS, proxies, vulnerability scanners, AV, etc.)
-Working knowledge (integration, implementation, configuration) of Splunk / Niksun (preferred); knowledge of other tools (QRadar, ArcSight, Sumo Logic, etc.) is an added advantage
-Demonstrable working knowledge of TCP/IP and general networking
-Work experience in Linux and Windows operating system administration and configuration including Active Directory.
-Knowledge of a scripting language for automating tasks (e.g. Python, Bash, PowerShell)
-Strong proficiency in written and spoken English
-Strong leadership and interpersonal skills
-Preferred certifications: Splunk / Niksun Admin and Power User.
-Preferred relevant certifications include ISC2 CISSP, AWS, OSCP and CISM
Posted: 1 hour ago
Full Time