IT.Security Analyst
The Citco Group Limited
Hyderabad, Hyderabad
3d ago

Description

IT Security SOCAnalyst

  • POSITION DESCRIPTION :
  • The SOC Analysts work collaboratively to detect and respond to information security incidents, maintain and follow procedures for security event alerting, and participate in security incident investigations.

    The SOC analyst is responsible for investigating security events by performing the following :

  • Analyzing
  • The SOC Analyst’s primary responsibility is to determine what alerts or abnormal activity represents a real threat to Citco assets and data, by performing threat identification, containment, eradication, analysis and reporting.

    The SOC Analyst achieves this by working with threat protection solutions like :

  • Security Incident and Event Management (SIEM)
  • Endpoint Protection (EPP)
  • Endpoint Detection & Response (EDR) systems
  • Email Threat Protection (ETP) platforms
  • Security Orchestration, Automation and Response (SOAR) platform
  • Intrusion Prevention Systems (IPS) or NGFW’s
  • Others
  • The SOC Analyst is expected to understand fundamental networking and security principles as well as be familiar with common network and endpoint security threat protection solutions.

    A strong candidate will have a proven understanding of current cyber threats, threat intelligence and an understanding of attack trends relevant to an enterprise environment.

    Security Analysts work with and learn from experienced security team leaders and use the latest technology to detect, analyze and limit intrusions and security events.

    Candidates must be willing to work in a 24x7x365 SOC environment, demonstrate intuitive problem solving skills and allow for flexible scheduling.

    The SOC Analyst must be competent to work at a high technical level, have a good understanding of threat routes / pathways, identification of potential / active threats, and understand how threat vectors can impact the environment.

  • ORGANIZATIONAL RELATIONS :
  • This position is within the IT Security group which is responsible for overseeing information security within Citco.

  • PRINCIPAL ACCOUNTABILITIES :
  • Monitors and analyzes Intrusion Prevention Systems (IPS) and Security Information and Event Management (SIEM) to identify security issues for remediation
  • Performs network and endpoint security monitoring and incident response
  • Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies
  • Creates, modifies, and updates Security Information Event Management (SIEM) rules
  • Escalates alerts regarding intrusions and compromises to the network infrastructure, applications and operating systems.
  • Assists with analysis of threat data obtained from proprietary and open source resources to provide indication and warnings of impending attacks against networks within the relevant vertical
  • Prepares briefings for SOC Manager and reports of analysis methodology and results
  • Creates and maintains standard operating procedures and other similar documentation
  • Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
  • Work independently with or without direction and / or supervision
  • Demonstrate effective teamwork and working relationships with others, both from CITCO and security vendors
  • Other projects and responsibilities, as assigned by direct supervisor
  • EDUCATION, EXPERIENCE & SKILLS :
  • 2 to 4 years experience in an in-house Security Operations Center team, or in an Security Consulting firm with an understanding of networking principles in a global environment across multiple data centers
  • Candidates must be able to work a flexible schedule within a 24x7x365 Security Operations Center (SOC) environment, as well as may be expected to work holidays.
  • A strong candidate is expected to have some or all of the following traits : EXCELLENT ANALYTICAL AND PROBLEM SOLVING SKILLS AND INTERPERSONAL SKILLS TO INTERACT WITH TEAM MEMBERS AND UPPER MANAGEMENTAN UNDERSTANDING OF CYBER SECURITY INCIDENT RESPONSE AND NETWORK SECURITY MONITORINGFUNDAMENTAL UNDERSTANDING OF COMPUTER NETWORKING (TCP / IP), KNOWLEDGE OF WINDOWS, LINUX AND CISCO OPERATING SYSTEMS AND INFORMATION SECURITY PRINCIPLESKNOWLEDGE OF INTRUSION DETECTION / PREVENTION SYSTEMS (IDS / IPS) AND SIEM TECHNOLOGIES IN AN ENTERPRISE ENVIRONMENTGOOD KNOWLEDGE OF ENDPOINT PROTECTION (EPP) AND ENDPOINT DEFENSE AND RESPONSE (EDR) SOLUTIONSFAMILIARITIY WITH SYSINTERNALS TOOLSDRIVE TO LEARN AND A DESIRE AND MONTIVATION TO ACHIEVE IT SECURITY RELATED CERTIFICATIONS
  • WHAT WE OFFER :
  • We offer a challenging job in a growing international company, an opportunity to expand your business knowledge by working with prestigious clients and complex financial and technological instruments, and a friendly and fast-paced environment.

    Additionally, Citco is proud to offer our employees competitive compensation, vacation and health insurance benefits.

    Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form