Cyber Security Specialist

Location: Bengaluru

JOB SUMMARY:

The security analyst is responsible for analysing cybersecurity events, improving threat detection capabilities and procedures. If an event results in a security incident, the analyst will work with the relevant stakeholders to respond and contain the incident.

This analyst role will come under the IT Risk and Security department reporting to the Security Operations Manager.

KEY RESPONSIBILITIES INCLUDE:

- Proven experience using analytical and data visualization tools to automate the analysis and provide insights of large dataset and correlate with SIEM and other sources of information and conduct investigative works into all traffic anomalies against established, historical baselines to identify the root cause to an incident.
- Knowledge of using AI-driven and Machine Learning tools to monitor and analyse real-time security investigations to initiate triage, containment and remediation of security threats and other malicious activity, and escalate issues as needed.
- Knowledge in ethical hacking to identify potential threats and expose vulnerabilities to protect the organisation from malicious attackers.
- Knowledge of digital forensics to analyze security tool events/alerts, while maintaining proper evidence-handling best-practices during an incident.
- Knowledge in Reverse Engineering to comprehend the performance of a software program or application for malware analysis.
- Provide of reporting and metrics around security monitoring by designing dashboards for asset owners and management consumption.
- Responsible for continuous monitoring, tracking and closure of security events and requests from managed SOC, systems and users.
- Work with the Incident Manager in incident response to minimize the impact of a security incident to our organisation.
- Responsible to enhance and drive improvements of SOC detection and response playbooks, and design new security incident playbooks, process and operational procedures, including providing communications with other teams, evidence collection and other documentation.
- Stay current with the latest Cyber threats, Attacks and vulnerabilities, and updated with the evolving and emerging attack techniques and methods.
- Participate in various Cybersecurity exercises such as Cyber Ranges and BCP.
- Work on other project and tasks duties.
- Renewal of Cybersecurity tools maintenance.

REQUIREMENTS:

- Minimum of (3) three years direct Information Security experience in a security engineer, architect, consultant or a similar role, preferably with incident management experience in a SOC environment.
- Strong practical experience in Cyber security:
Cyber kill chain, TTP, threat intelligence, malware triage.
- Strong understanding of Different Attacks on System, Network, Applications.
- Strong knowledge in Internet infrastructure, networking technology and network security (i.e. DNS, DHCP, Firewall, WAF, IDS, IPS, VPN, APT and TCP/IP protocols) and experience in Splunk preferred
- Comfortable with analysing and processing large datasets and able to read and understand packet level data, handle Network/Host Security products (NIDS/NIPS, firewalls, HIPS, Proxy, AV, scanners, etc.) and understand security events from these tools.
- Insurance / Financial industry experience
- Relevant industry certifications such as certified SOC ANALYST (CSA), CISSP, CEH, GIAC Information Assurance Certified Intrusion Analyst (GCIA), GIAC Information Assurance Certified Incident Handler (GCIH), or equivalent.
- Possess strong analytical skills, self-motivated, detail oriented and team player
- Malware triage and analysis capability will be an advantage.
- Willing to learn and work in a collaborative manner with peers and team.
- Good interpersonal and communication skill.
- Able to work under pressure during critical situations
- A passion for information security and data security