MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


I'm not curious
1

Security Analyst

Location Ahmedabad, India
Posted 12-October-2020
Description
2year hands-on experience with focus in areas such as security monitoring, security
intelligence, threat hunting, incident response, SIEM, and analytics tools. Industry
certification such as CISSP, Security , CEH, CCSP, GCIH, GCFA, GNFA or Offensive Security
OSCE a big plus
Hands-on experience building EDR and/or NDR detection rules. SIEM tool (Qradar /Alien
Vault/ McAfee ESM/DNIF) experience a big plus
Must understand the current Cyber Security Landscape, such as, a deep knowledge of
current and past malware methods, attack methodologies, and TTPs (Tactics,
Techniques, Procedures) such as MITRE ATT&CK, and Cyber Kill Chain
Strong understanding of vulnerabilities, common attack vectors and has attacker
mindset: ability to think about creative threats and attack vectors.
Demonstrated technical experience with Networking (e.g. data flows, architecture,
protocols, traffic analysis, wireless, etc) with a goal to identifying manual or automated
cyber-attacks and C2 traffic
Demonstrated technical experience with detailed host-level logging (e.g. Windows
Security logs, auditd, process logging)

Familiar with common commercial and/or open source vulnerability assessment tools
and techniques used for evaluating operating systems, networking devices,
databases and web servers
Experience of integrating tools with SOAR platform. Designing in creating workflows in
SOAR platform
Technical Writing and Reporting Skills - Preparing security reports and different
technical documents is an essential part of cyber threat hunting, incident response or
SIEM management, so analyst also need to have excellent technical writing and
reporting skills.
Soft Skills - Analyst need to possess a handful of soft skills such as strong stress
management, analytical, research, and problem-solving skills. They need to be self-
starters who are able to work with minimal management, however also need to have
strong collaboration and interpersonal skills as they usually work together with several
other professionals from other information security fields.
Familiarity with data analytics platforms (e.g. Various flavors of SQL, Splunk,
ElasticSearch) & analytic methodologies
Familiarity with scripting languages & concepts (e.g. Python, Powershell, bash, regular
expressions, JSON, XML)
Experience with sandboxing and malware analysis

Responsibilities
Develop intelligence-driven hypotheses for hunts to target specific potential threat
actors and vectors
Proactively hunt for potential malicious activity and incidents across multiple
customers using advanced network- and host-based tools
Perform forensics on network, host, memory, and other artifacts originating from
multiple operating systems, applications, or networks and extract IOCs (Indicators of
Compromise) and TTP (Tactics, Techniques, and Procedures).

Perform in-depth investigation & data analytics of events identified during threat hunt
activities or security alerts received from various security technologies
Exploration and integration of new cybersecurity tools, processes, and capabilities
Create, modify and tune the SIEM rules to adjust the specifications of alerts and
incidents
Report query adjustments, and various other SIEM configuration activities
Configure, design, evaluate, and integrate different type of log sources into SIEM tool
Designing in creating workflows in SOAR platform
Good hands on exposure of SOAR platform like Siemplify, Demisto, Phantom, Ansible
Excellent understanding of Security Incident detection and remediation workflow
Contribute to the tuning and development of security information and event
monitoring systems (SIEM) use cases and other security control configurations to
enhance threat detection capabilities
Provide support in the detection, response, mitigation, and reporting of cyber threats
affecting client networks with the ability to evaluate IT environments and identify
security goals, objectives and requirements
Work in concert with team members, Information Security engineering, and relevant
Subject Matter Experts to process, analyze and drive the remediation of identified IT
related vulnerabilities Responsible to follow the IT Security Incident Response policies
and tools
Creation of concise and professional materials to communicate goals, objectives and
incident reporting.
Develop dashboards & reporting for continuous monitoring of targeted activity and for
communication of quantifiable metrics to leadership
Continuously review and evaluate the state of customer Security environment and
recommend technology and process improvements.
Serve as a technical leadership team and advisor to key stakeholders, establishing
trust-based relationships through active engagement and collaboration.
Develop security use cases or additional detection capabilities.

Contribute to Information Security policies, standards, and supporting documentation
Root cause analysis, troubleshoot complex issues with existing security and privacy
protection protocols
Experience
Min 2 to 5 Years.

 
Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url