Cyber Security Analyst (Administration - SIEM & Automation)

Job Description

Regular Shift Require experience in Administration 30% hike What you will do day to day: CyberSecurity Analyst (CA) has a wide variety of skills, including performing intrusion analysis, a deep understanding of the 18x5 security monitoring environment, and performing administrative tasks. The CA is an important role IT Security Department. The CA role requires defense against cyber threats by identifying and triaging security incidents. The ideal person in this role brings experience in investigating network and endpoint intrusions, as well as experience handling security incidents within the Security Operations Center (SOC). The SA will triage event, perform escalations and coordinate incident response procedures. This role must be able to solve complex problems independently and know when to escalate issues to senior IT Security Leads and Managers. This individual will work with multiple technology platforms and interface with other groups within IT Security Operations. The CyberSecurity Analyst (CA) for the SOC will be responsible for responding to critical threats that impact information security. This individual's role includes the following functions. Roles and Responsibilities: Hands-on experience of implementing EDR policies, Rules creation, and Incident/alert management. Good experience on security Incident response and investigation to identify the root cause of security breaches and gather evidence. Hands-on experience in log Ingestion, fine-tuning on reducing false positives, Event correlation, and analysis. Hands-on experience with Automation (SOAR) and Custom KQL queries. Develop and update incident response plans and playbooks to ensure effective handling of various types of incidents. Good experience in developing and implementing email security policies and best practices to safeguard against threats such as phishing, malware, and data breaches. Design and enforce DLP policies and rules to prevent unauthorized data access, sharing, and transmission. Deep technical knowledge of vulnerability management and administration Collect and analyze threat intelligence to stay informed about emerging threats and vulnerabilities relevant to the organization. In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, Malware investigation, web Proxy and network concepts etc. Engage in research and development of security solutions, testing new tools and methods for potential implementation. Knowledge on automation and scripting areas. Creating metrics for a Security Operations Center (SOC) measuring its effectiveness and identifying areas for improvement. Who we are looking for: Minimum Qualification: A university degree in Computer Science Engineering Information Security, or a related field is highly desirable Between 5 to 8 years of experience in the Information security domain along with Incident response, Threat analysis Additional Qualifications: Exceptional troubleshooting and problem-solving skills required. Security +, CEH or SANS GIAC certifications are preferred Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes Cyber Threat and Intelligence gathering and analysis Knowledge of Automation and AI (Artificial Intelligence) integration in Security Operations center. Should have worked in security operations and has a practical approach to analyzing incidents and security alerts from different security tools and platforms Strong communication skills Highly self-motivated