Hybrid Sr Analyst - Global Business Services - IN bei India Primary Business Unit
India Primary Business Unit · Gurgaon, Indien · Hybrid
- Professional
- Optionales Büro in Gurgaon
Responsibilities
- Must have expert networking protocol knowledge.
- Able to demonstrate an understanding of current offensive / defensive computing and forensics.
- Should be able to provide threat Intel services.
- Prior experience detecting, analyzing and/or responding to security incidents.
- Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies.
- Good Communication skills.
- Hands-on experience with common security technologies (IDS, Firewall, Rapid7, EDR, Microsoft security suite etc.)
- Understanding of common security threats, attack vectors, vulnerabilities, and exploits
- Shift work, with flexibility to cover both day and nighttime shifts.
- Should be able to work independently,independently with Vendors and drive the calls whenever required.
Qualifications
- Provide incident response as part of the 24x7 Security Operations Center
- Manage the security vulnerabilities and risks across WB including identifying, supporting application/system owners to manage risks and remediate vulnerabilities.
- Work closely with both business-oriented executives and technology-oriented personnel to ensure adequate processes are in place and actions are being taken to mitigate identified risks proactively.
- Develop strategies to identify, manage, and mitigate identified threats and vulnerabilities to attain desired risk profile and communicate strategies to key stakeholders.
- Produces and regularly evaluates all TVM programs and process related documentation.
- Ensure effective and complete scanning of the test, corporate and production environments.
- Create projects within the tool and monitor the progress & regular follow ups with Patching team and application & server owners.
- Monitoring of events & alerts from a multitude of technologies to detect malicious activity.
- Detailed analysis using a variety of tools and techniques to investigate, navigate, correlate, and fully understand security incidents of the data available.
- Conducts initial triage of security events and incidents. Facilitates communication within the SOC and documents progress throughout the Incident Response Lifecycle.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and correlation with different security tools.
- Proper escalation and hand-off of security incidents for containment and remediation.
- Tuning of rules, filters, and policies for detection-related security technologies to improve accuracy and visibility.
- Jumping on the call with Vendors and other teams to discuss issues / to get their requirements and deliver the same in the form of projects.
- Providing weekly/monthly reports to the Upper Management.