IT Cyber Defense Analyst

Altera Digital Health View all jobs

  • Mumbai, Maharashtra
  • Permanent
  • Full-time
  • 14 hours ago
Experience:
  • 2 - 4 years of experience in Security Operation Center (SOC), Cyber Security, and Information Security within an enterprise environment.
  • Experience with Windows and Linux, server and application hardening process.
  • Experience supporting one or more information security technologies.
  • Mandatory experience in Azure, EDR, XDR (Crowdstrike, Windows Defender), SOAR, SIEM Tools (e.g., Splunk, Rapid7, ArcSight, McAfee Nitro), Palo Alto, Cisco and one of the following: IDS/IPS, database activity monitoring, multi-factor authentication, web content filtering, encryption, and encryption key management, DLP, change detection.
  • Working knowledge of TCP/IP stack & familiarity with common protocols e.g., HTTP, FTP, SMTP, DNS.
  • Familiarity with network and application threats such as DoS/DDoS, SQL injection, XSS, reconnaissance scanning, and methods to avoid detection.
  • Working knowledge of compliance, and regulatory requirements, such as Payment Card Industry (PCI), Sarbanes-Oxley (SOX), and Healthcare Information Privacy Protection Act (HIPAA).
  • Experience with vulnerability scanning tools such as Nessus, Acunetix, Qualys, or Metasploit a plus.
  • Have scripting experience with Bash, PowerShell, or Python and the ability to use these skills to aid in responding to incidents involving Windows, Linux, and Mac hosts.
  • Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain.
  • InfoSec certification are a plus such as CISSP, CompTIA Security+, GIAC Security Essentials, & CEH
  • Have strong oral and written communication skills Strong interpersonal and leadership skills.
Responsibilities:
  • Triage security incidents identified by SOC analysts.
  • Identify enhancement to rule sets and other tool optimization to automate reporting and reduce false positives in unified SIEM and review with manager / senior team members for implementation.
  • Coordinate with SOC manager to escalate security issues to other business units including solutions development, customer hosting and corporate IT.
  • Collaborate with business units to prioritize vulnerability remediation and execution of planned activities.
  • Subscribe to threat intelligence services and monitor vendor alerts for major vulnerability disclosures.
  • Monitoring of advanced security tools, perform analysis of dissimilar indicators, correlation of multiple sources, alert & coordination of security incidents across the environment.
  • Review & analyze system logs and third-party management products to preemptively detect, take defined corrective actions and alert process/system owners to new issues.
  • Assist with creation and maintenance of security incident response procedures.
  • Participate in research and assist implementation of security tools used by SOC team.
  • Assist SOC manager with dashboards and business reporting.
  • Ready to work in rotational 24/7 shift.

eQuest