Cyber Threat Management analyst role is to defend client’s network & data by investigating security incidents that have been triaged and escalated by the first level of Analyst in Security Operations Center. This includes performing analysis of indicators of compromise, investigating security incidents by reviewing relevant security data, coordinating with impacted application owners and users and implementing or arranging remediation actions.
What you will do
Delivery
Detect, analyze, Investigate, and report qualified security incidents to the Client as per the defined Service Level Agreement (SLA).
Provide recommendations to the security incidents reported as per SLA.
Investigates incidents using various security event sources (FW, IDS, PROXY, AD, EDR, DLP etc.).
Investigations into non-standard incidents and execution of standard scenarios.
Provide dashboard and data related to Incidents/Offenses for governance reports.
Escalates to L2 if investigations uncover unusual or atypical situations.
Perform system health check of security monitoring devices & report anomalies to admin/eng team.
Escalation to client Management if the incidents are not closed by client as per the escalation metrics.
Closure of incidents on ITSM tool with accurate resolution comments to determine true positive and false positive classification.
Monitoring unhealthy log source/data source and escalate to engineering team to fix them.
Qualifications
A Bachelor’s Degree in Engineering or equivalent.
Overall experience of at least 2+ years in SIEM monitoring and Cyber security Incident response and Management.
Hands-on experience with security tools and devices, operating systems, and/or networking devices desired.
Proven skills and experience in log analysis, incident investigations.
Experience working across diverse teams to facilitate solutions.
Experience working with Security practitioners.
Willingness to working 24/7 environment in rotating shifts.
Apply via :
jobs.smartrecruiters.com
