Sr. Security Analyst

Job Summary

Role: Security Analyst (U3) Job Description 5 to 8 years relevant experience in Cyber Security, SIEM, Event Analysis, Security Incident investigation and management Should have an understanding about network and security concepts, SIEM technologies (Splunk /LogRhythm/ QRadar etc.) Must have good analytical skills and communication skills. Must have knowledge of technical architecture design, Creation and documentation of process, technical deployment of the LogRhythm SIEM tool. Aspire to learn about new threats in Cyber Security. Industry recognized security certifications like CEH, Security + etc. Support to technical issues, customer queries, incident response, etc. Must have prior experience in SOC, investigating security incidents and performing RCA of such incidents. Creating advanced co relation rules, administration of SIEM, system hardening. Should be able to handle all security alerts Review the alerts and respond accordingly. Should have experience in managing security incidents/breaches and perform investigations/reporting as required. Should have clear understanding of Network and its concepts. Must have good knowledge and understanding of firewall rule base analysis and suggest remediation based on the findings. Knowledge of various security methodologies and technical security solutions, Firewall, IPS, Antivirus, Proxy, WAF, Load balancer, DDOS, EDR and DLP solutions. Strong knowledge of Information security Concepts (e.g. Operating System Security, CVSS score, Malware/Virus/Trojan, Cryptography, Vulnerability, Secure/Insecure ports and services etc.) Must have experience in writing and maintaining SOPs, troubleshooting guides. Must keep an eye of recent Cyber Security trends, attack types, risks, and intelligence. Should be ready to work in rostered On Call support model (Support after Office hours / weekends/holiday). Guiding and monitoring L1‿s in their day to day operation. Skills Required 5 to 8+ years of experience in Cyber Security. Hands on experience on LogRhythm including creation of custom queries, detection rules and automated response playbooks. SIEM ‿ Splunk (Must Have), QRadar, LogRhythm Thorough understanding of various industry leading cloud native SIEM architecture, pricing and technical knowhow. Knowledge about various threat vectors and attackers TTPs. Ability to build maintain strong relationships with peers and colleagues. Qualifications Bachelor‿s degree in information technology or related field. Relevant certifications (Security+, CEH) Working knowledge on any other SIEM tool viz Splunk, Microsoft Sentinel, QRadar etc. Splunk Certified Cybersecurity Defense Analyst