Job Description :
Role : Enterprise Security Analyst
Location of Requirement : WARSAW, IN
Emp Type : Permanent Job
Interview : Phone/Skype
Required Technical Skill Set Enterprise Security Analyst
Desired Experience Range 4-6 years
Technical:
Performs real-time proactive security monitoring, detection and response to security events and incidents across multiple security solutions within the organization.Categorizes security events and raises necessary incidents after thorough quality check of the event.
Non-Technical:
Good Communication, willing to work on weekends and holidays as necessary, good organizational skills.
Good-to-Have
Writes incident response summary reports, including cyber defense trend analysis and reporting, for internal and external audiences.
Maintains situational awareness of latest cybersecurity threats, vulnerabilities and mitigation strategies.
Performs security reviews and periodic audits to identify security gaps, violations and inefficiencies in the security architecture to make recommendations for inclusion in the risk mitigation strategy.
Responsibility of / Expectations from the Role
Uses authorized exploitation techniques and tools to identify vulnerabilities.Conducts forensic analysis on systems to identify root cause of security issues and/or events.
Prepares and provides cybersecurity recommendations including security posture trends to leadership based on significant threats and vulnerabilities, as well as security awareness materials and training for department staff.
Works with stakeholders to resolve computer security incidents and vulnerability remediation, and compliance.
Ensures that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level, and recommends and/or develops content for cyber defense tools.
Monitor Security events through SIEM Console on Logarithm & Dell Secure Works and Investigate Suspicious events .
Should have Strong conceptual knowledge of Firewalls , IDS /IPS , Proxy , Windows , Antivirus, DLP , APT and Undersstading of their Logs .
Should have strong Investigation skills like identifying unusal Traffic Patterns , Source , destination , Ports , Spam and Phishing mails , understanding Message Header , Sources declaring Blacklisted IP''s / Domains , declaring False positives , determining and Comparing Hash of the suspicious files with sources like "Virus Total" etc.
Should have Knowledge of Incident management Process , Raising incidents , Incident Communication to the right stakeholders , Coordinating different Stakeholders for closure of Incidents etc.
Should be Process oriented, adhering to SLA bound deliveries , adhereing to Processes defined by the client