Cyber Security Analyst - IDS System

Exp : 6-8 yrs Role : Cyber Security Analyst 6 months contractual Essential Functions : - Provide timely detection and identification of possible attacks/intrusions and distinguish findings from benign activities. - Correlate incident data to identify specific vulnerabilities and make recommendations that enable prompt containment and remediation. - Coordinate with the greater organization to resolve cyber incidents. - Provide technical summaries of findings in accordance with established reporting procedures. - Escalate and triage incidents that may cause an immediate impact to the organization. - Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats. - Perform event correlation to gain situational awareness and to determine the effectiveness of an observed attack. - Assist in the development and implementation of security policies and procedures. - Track and document cyber incidents from initial detection through final resolution. - Assist in reducing risk by actively identify areas of non-compliance and making recommendations for improvement. - This role will work either in the UK shift (12 noon to - 9 pm) and/or US shift (5:30PM to 2:30AM). Additional Functions : - Stay current with cybersecurity news and trends relevant to the business and industry. - Participate in the information security on-call rotation, providing emergency support for security-related incidents. - Provide input into the development of security policies and procedures. - Interface with other business units such as Governance, Risk, and Compliance to communicate program status and overall security posture. - Promote a positive security culture through knowledge sharing, influences, and conduct. - Create and maintain role-specific documentation. - Participate in the Change Advisory Board (CAB). Knowledge, Skills, and Abilities : - Knowledge of system administration concepts for operating systems such as Unix/Linux, IOS, Android, and Windows operating systems. - Knowledge of cloud service models and cloud security best practices. - Knowledge of procedures used for documenting and querying reported incidents, problems, and events. - Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications. - Knowledge of auditing and logging procedures (including server-based logging). - Knowledge of common software applications and their associated vulnerabilities. - Knowledge of host-based security products and how they reduce exploitation. - Knowledge of approach, strategy, and structure of exploitation tools (e.g., sniffers, keyloggers) and techniques (e.g., gaining backdoor access, collecting/exfiltrating data, conducting vulnerability analysis). - Knowledge of MITRE ATT& amp; CK and similar cybersecurity frameworks. - Knowledge of what constitutes a "threat" to a network. - Skill of identifying, capturing, containing, and reporting malware. - Skill in using incident handling methodologies. - Skill in using security event correlation tools. - Skill in developing analytic approaches to problems and situations for which information is incomplete or where no precedent exists. - Ability to identify unusual activity amongst a defined baseline. Qualifications : Education/Experience : - Bachelor's in computer science, Information Systems, Cybersecurity, or Software Engineering. - 6 to 8 years of relevant experience in cybersecurity or information technology. - 3 years of hands-on experience with an EDR/XDR solution, SEG, and SIEM. - Experienced in a scripting language such as Python, PowerShell, or VBA. - Licenses and Certifications - One or more technical or cybersecurity certification preferred (e.g., CISA, CCSP, CRISC, CEH, Security, GSEC, SSCP) (ref:hirist.tech)

Location: bangalore, IN

Posted Date: 1/11/2025