Job Description:
Location: Hyderabad
Quantity: 2
Band: U4
JD:
What We Need
The Security Analyst is a member of a small technical team that will provide hands-on triage and incident response aimed at mitigating cyber security threats in a hybrid cloud environment. The right candidate will rely on their passion for security, automation and continuous improvement, and will collaborate closely and frequently with engineers and architects across multiple teams and functions.
The Challenge:
The Security Analyst focuses on assisting in the continuous iteration and improvement of GEA's security posture by monitoring the environment for events, alarms and incidents and by defining and following standard operating procedures for incident response.
- Build strong relationships with technical teams across other functions.
- Correlate incident data to identify specific vulnerabilities and make recommendations that enable containment of the threats and an expeditious remediation.
- Conduct host and network forensics, log analysis, and malware triage in support of incident response investigations.
- Recognize and organize attacker tools, tactics, and procedures (TTPs) and indicators of compromise (IOCs) that can be applied to current and future investigations.
- Leverage threat intelligence, document threats as needed and share intelligence to further enhance service quality and delivery.
- Periodically assess the limitations of the existing methods and tools in the hunter/responder toolset and propose enhancements.
- Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
- Conduct ad-hoc incident analysis.
- Understand existing processes and identify how to improve and streamline them in order to improve team efficiency and effectiveness.
- Work with various teams to create, update, and improve security.
What You Need to Succeed
- Bachelor's degree in Computer Science, Information Systems, Mathematics, Statistics or equivalent.
- A minimum of 5 years of relevant experience in IT.
- Vulnerability and threat analysis experience.
- Understanding of malware analysis.
- Understanding of network protocols, design and operations.
- Understanding of the cyber security capabilities and threat landscape.
- Understanding of network and computer forensics.
- Understanding of cloud computing.
- Information security background, with a minimum of 3 years of hands-on experience.
- Knowledge of identity and access management, authentication, authorization, encryption, PKI, and security monitoring methodologies and technologies.
- Experience with security architecture, threat modeling and secure application development.
- Experience with SIEM and EDR tools.
Preferred:
- Hands-on cloud computing experience.
- Strong development and infrastructure background.
- GCFA, GNFA, GCIA, GCIH, GPEN, or OSCP certified.
- Comfortable with different programming languages, such as C++, Java, Ruby, and Python.