Valuementor
The Cyber Security Analyst will be responsible for monitoring, detecting, and responding to potential security threats within the organization's network and systems. This role will involve analyzing security data, conducting risk assessments, and implementing security measures to protect against cyber-attacks. The ideal candidate will have a strong understanding of cybersecurity principles and technologies.
• Monitoring and analysis of cyber security events
• Operate the full incident response process, from cradle to grave.
• Conducting incident response within a major public cloud.
• Excellent understanding of Windows and Linux OS internals.
• Excellent knowledge of protocols such as HTTP, HTTPS, TCP/IP, WebSocket, SSH, SFTP, RDP, etc.
• Good understanding of industry models such as the Cyber Kill Chain, the Diamond Model and the MITRE ATT&CK framework.
• Practical hands-on experience analyzing Windows and Linux artifacts produced during digital forensics and incident response.
• Good understanding of the cyber threat landscape, TTPs, threat actors and groups.
• Proficiency with the following tools: EDR, Anti-Virus/NGAV, HIPS, IDS/IPS, DLP, WAF, host forensics, network forensics, memory forensics.
• Communicate new ideas or suggestions for analysis/process improvement.
• Deep understanding of the logging mechanisms of Windows and Linux platforms.
• Participate in a 24x7 (on-call) coverage model to prevent and remediate security threats.
• Knowing how to script in languages such as Python, PowerShell or Bash to build incident response workflows and automation is a plus.
• Experience with SIEM technologies (e.g., Sentinel), threat hunting, monitoring and investigations.
• Have excellent written and verbal communication skills.
• Possess good technical understanding, takes initiative to remain up to date with cyber security skills, and fosters an attitude of continual learning/adapting.
• Possess the ability to adjust and adapt to changing priorities in a dynamic environment.
• Ability to work with minimum guidance.
• Familiarity with analytical models (e.g., MITRE ATT&CK).
• Knowledge of infrastructure vulnerability assessment and of the process for remediating identified vulnerabilities.
• Experience in intelligence enrichment (e.g., Passive DNS, WHOIS, VirusTotal).
• Experience or knowledge of relevant regulations governing cyber intelligence processing and handling of sensitive data
• Analyze network and host activities associated with both successful and unsuccessful intrusions by threat actors.
• Experience in correlating malware infections with attack vectors to determine the extent of security and data compromise
• Experience working with third-party security monitoring tools to research and respond to incidents.
• Monitor security tool alerts for anomalous or suspicious activity; research alerts and make recommendations to remediate concerns.
• Analyze, correlate and action on data from subscription and public cyber intelligence services, develop tactics to combat future threats, and invoke the Incident Response Plan if necessary.
• The ability to perform analysis of log files from multiple different devices and environments, and identify indicators of security threats
• Knowledge and understanding of regulatory compliance requirements surrounding HIPAA, PCI, GLBA, SOX and SAS 70.
• Familiarity with scripting (Python, Perl, PowerShell).
• Deep understanding of network protocols and network security: TCP/IP, UDP, DHCP, FTP, SFTP, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP and HTTPS.
• Security Operations Center (SOC) environment experience with at least 3 years of experience detecting and responding to cyber intrusions.
• Bachelor’s degree
• Desirable certifications include: SANS GIAC GCED, GCIH, GCFA, GREM, GIAC Gold; (ISC)² CCFP, CSIH; EC-Council ECSA, CHFI, ECIH.
ValueMentor is a full-fledged Cyber Security Partner helping organizations worldwide to effortlessly manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.