Job Description

Analyst is Secuirty Operations Center (SOC) work alongside security engineers and SOC managers. They are responsible for ensuring the protection of digital assets from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, or destruction both online and on-premise.

Responsibilities

• Monitor security access and report suspicious activity to a higher level or team members
• Conduct security assessments regularly to identify vulnerabilities and performing risk analysis
• Analyze the breach to reach the root cause
• Generate reports for IT administrators, business managers, and security leaders. These reports serve as an input to evaluate the efficacy of the security policies
• Advise and implement necessary changes required to counter the attack or improvise security posture
• Perform operational activities on security tools and contribute to tuning and security strategies
• Document incidents to contribute to incident response and disaster recovery plans
• Perform internal and external security audits
• Conduct risk assessments, interviewing internal and external customers, to gain technical knowledge of security/compliance requirements
• Mantain firewall acesss control policies
• Provide technical support/troubleshooting for security services
• Fulfill security service requests including but not limited to firewall rule changes, we filtering exceptions and encryption/decryption policy updates
• Is part of an on-call rotation schedule to provide incident response and project support

Knowledge and Skills/Technology used

• Experience with security incident response handling
• Experience working with Cisco ASA, Splunk, Qualys, NMAP, Nessus
• Logging and monitoring: SIEM and Cloud Access Security Broker (CASB)
• Endpoint security: AntiVirus, DLP and host compliance scan
• Network Security: IPS/IDS, traditional and next-gen firewalls (Palo Alto), cloud security group, decryption
• Data Protection: encryption/decryption, HSM, KMS, DLP
• Windows and Unix operating systems
• Cloud Security, infrastructure and cloud native services
• Networking, network protocols and network services

Typical Education

• Bachelor’s Degree, Information Systems, Computer Science, Information Security, Telecommunications or equivalent work experience required

Typical Range of Experience

• Must have 2+ years information security experience
• Should have 1-2 years of experience with networking technologies
• Experience in implementing Information Security Technologies and/or processes required
• Experience in defining Information Security strategy and integrating security technologies into corporate frameworks

License or Certification

• CISSP, GIAC, C|SA and certifications for various security technologies are preferred