
Sr. Assoc. Cyber Threat Analyst

Location Chennai, India
Posted 20-March-2021
Description
Position Summary


We are looking for a Cyber Threat Analyst to help investigate and remediate suspicious events and manage special projects to reduce our attack surface. As a member of the Security Operations Center, your focus is to help identify, disrupt and prevent threats affecting our organization. To accomplish this, the Cyber Threat Analyst will use data analysis, threat intel, and best-of-breed security technologies. Cyber Threat Analysts will also participate in developing and documenting processes and procedures. The candidate must have a curious investigative mind, a passion for information security, and the ability to communicate to varied audiences.


Key Responsibilities


Provide Tier 2 & Tier 3 support to our SOC, as needed.
Examine alerts from various security monitoring tools, perform triage & determine scope of threats; escalate as necessary.
Develop and analyze dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
Manage special projects to improve the organization's security posture, such as reducing technical debt, onboarding acquisitions, and developing processes to protect our brand.
Coordinate with end users to assist in troubleshooting/remedying the issues.
Determine gaps in existing security controls and make recommendations for improvements.
Keep up to date with information security news, techniques, and trends.
Become proficient with our ticketing system and workflow management.
Become proficient with third-party threat intelligence tools as required.


Requirements


Five or more years of full-time professional experience in the Information Security field
Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or enterprise network environment
Excellent time management, reporting, and communication skills
Ability to generate comprehensive written reports and recommendations
Write professional emails
Coaching and training experience
Previous experience as a point of escalation in a technical environment
Customer interactions and creation of executive presentations
Understanding of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM, and AV
Ability to troubleshoot technical problems and ask probing questions to find the root cause of a problem


Qualifications


Queue management
Experience with SIEM platforms preferred
Familiarity with web-based attacks and the OWASP Top 10 at a minimum
Attack vectors and exploitation
Direct (e.g., SQL injection) versus indirect (e.g., cross-site scripting) attacks
Familiarity with SANS top 20 critical security controls
Understand the foundations of enterprise Windows security including: Active Directory
Windows security architecture and terminology
Privilege escalation techniques
Common mitigation controls and system hardening


Experience monitoring EDR, Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS)
Experience in monitoring at least one commercial AV solution
Ability to identify common false positives and make suggestions on tuning
Understanding of root causes of malware and proactive mitigation
Propagation of malware in enterprise environments
Familiarity with web-based exploit kits and the methods employed by web-based exploit kits
Familiarity with concepts associated with Advanced Persistent Threats and targeted malware
Understanding of malware mitigation controls in an enterprise environment.
Network Based Attacks / System Based Attacks
Denial of Service Attacks
HTTP Based DoS Attacks
Network Based DoS Attacks
Brute force attacks
Covert channels, egress, and data exfiltration techniques
Familiarity with vulnerability scoring systems such as CVSS
Basic understanding of vulnerability assessment tools such as vulnerability scanners and exploitation frameworks
Provide three current work references & pass a criminal background check
Pass a proficiency exam related to the role


Desired Qualifications


Experience working with Incident Ticketing Systems
General security knowledge (GCIA, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security, OSCP or other security certifications, such as CCNA, CCDA, CCSA, CCIE, CEH, or MCSE)
Experience
Min 5 to 8 Years.
