As a Security Analyst, you will be responsible for security event analysis, incident response planning and related activities in support of our customers. The Security Analyst, Level 1, works within the SOC (Security Operations Center) and is responsible for monitoring systems, investigating root causes, and coordinating with team engineers on analysis and response. The Security Analyst works with log data, a range of security tools, and ticketing systems.
Minimum experience: 5-8 years
- Monitor alerts automatically generated by security systems
- Monitor threats and new attack techniques being disclosed in the wild
- Investigate alerts to determine whether they are true positives or false positives
- Communicate security policies to end users
- Create new ways to search for potentially suspicious events on systems
- Participate in projects to improve security monitoring toolkits as well as to improve defensive controls
- Provide metrics and reporting data to measure security posture and compliance
- Strong understanding of security concepts for networks, Windows, Linux and web applications.
- Strong understanding of networking concepts and shell / Python scripting.
- Ability to multi-task under strict deadlines.
- Security detection and analysis tools (SIEM, Nexpose, Nessus, etc.)
- Network infrastructure (Internet, TCP/IP, etc.)
- Web protocols (HTTP, DNS, etc.)
- Professional writing and interpersonal skills.
- Ability to learn, work effectively and contribute within a team environment.
- A demonstrated passion for information security.
- Experience with some security tools.
- Strong experience using open-source and commercial tools, including but not limited to Burp Suite, Metasploit, Nessus and Acunetix, on Windows and Linux.
- Expertise and experience in conducting VAPT (Vulnerability Assessment and Penetration Testing) according to standards such as the OWASP Top 10, SANS Top 25, WASC and NIST.
- Perform research on new vulnerabilities, attack vectors, exploits, tools and industry trends relevant to the above-mentioned services.
- Knowledge of the MITRE ATT&CK framework and its tactics and techniques.
- Good knowledge of cyber-security technologies, endpoint and server security concepts, and preferably public cloud experience (AWS, Azure, GCP).
- Ensure documentation is recorded in the CDC / SIEM work log according to predefined / agreed standards, and learn from the review process for continuous improvement.
- CEH certification mandatory.
- CompTIA Security+ preferred.
- Candidates holding CISM, CISSP, GCIH, GCFE or OSCP are preferred.