Cyber Security Analyst - SIEM (5-12 Yrs) Overseas/International/Dubai/Middle East (Others) by Sourcing Solution Technologies

XpatJobs (November-2017 से पंजीकृत) ने 9 दिन पहले इस नौकरी को पोस्ट किया था

Description : - As a Cyber Security Analyst, you will be responsible for delivering the threat intelligence and vulnerability monitoring, provide additional intelligence feed that can enhance the detection capabilities of the SOC team.
-You also must be comfortable with NMAP, NESSUS, vulnerability management tools, networking fundamentals, Internet research and Microsoft Windows & non-MS OS administration.
-The analyst will be accountable for the assurance of the implementations of processes are effective and sustain on all applicable systems.
-Must deliver and maintain a 24x7 global response capability and ensure timely response to investigations of security events or inquiries. Responsibilities : - Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of data - Gain an understanding of security risks and controls - Respond to security alerts received and/or escalated from the tier 1 Threat Monitoring function - Collect contextual information and pursue technical root cause analysis & attack method analysis - Make a determination to treat the alert as a security incident and assign a severity level - When possible, eliminate false positives and benign triggers - Regularly review and align priority, severity and classification of security incidents - Provide feedback to Threat Monitoring and support forensic analysis as required - Perform analysis of log files to collect more contextual information in order to triage the security threat - Assign a severity level based on business impact and asset categorization & criticality.
-Coordinate mitigation, response and investigation efforts when a cybersecurity incidents arise - Deep analysis with the goal of revealing potential deficiencies in deployed IT security controls - Follow response procedures based on the incident impact analysis & predetermined response procedures - Regularly review and align priority, severity and classification of IT cyber security incidents - Provide support to forensic analysis as required post containment - Communicates directly with IT vendors, asset owners & business response plan owners during high severity incidents and escalation throughout the incident per the operating guidelines - Takes an active part in the containment of IT cyber security incidents, even after they are escalated - Close or escalate the security incident to the CSIRT Management function as needed - Execute monitoring systems used to detect and report security violations - Hunting for suspicious anomalous activity based on data alerts or data outputs from various toolsets - To effectively apply information security theories and concepts to specific circumstances.
-Based on experience, the analyst in this position may be on-call 24 hours per day to respond to information security related problems - Escalating issues when necessary - Maintain knowledge of industry trends and current security practices - Self-motivated and able to work in an independent manner - Diversified experience with the implementation of enterprise security technologies, including anti-virus, anti-malware, DLP, IDS/ IPS, vulnerability scanners, configuration management and encryption required - Effectively coordinate multiple priorities in a dynamic environment, strong analytical & negotiating skills and excellent organization and interpersonal skills required - Demonstrate high levels of integrity in the conduct of personal & professional affairs preferred - A bias toward action, along with an internal drive for continuous improvement preferred Required Qualifications : - Bachelors Degree in Computer Science, Cyber Security, Information Systems or Business Administration or 7 professional experience in a technical leadership role including at least 5 years of direct experience in Cyber Security Operations required - Expert in incident response and recovery handling methodologies - Expert in handling Splunk SIEM (Administration as well as Incident / Forensic Analysis) - Knowledge of Cyber kill chain - Knowledge of defense-in-depth techniques - Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution) - Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored]) - Skill in recognizing and categorizing types of vulnerabilities and associated attacks - Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code - Knowledge of basic concepts and practices of processing digital forensic data - ...

Required Skills : English