
Security Incident Response Analyst Full-time

at FIREEYE CYBERSECURITY PVT. LTD. in Bangalore (Published on 25-04-2017)

Position Title: Sr. Security and Incident Response Analyst

Location: Bangalore, India

The Company:

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 5,600 customers across 67 countries, including more than 40 percent of the Forbes Global 2000.

The Role:

We are looking for an experienced, mid-level Security and Incident Response Analyst to join our team in helping to defend FireEye. As a member of the Information Security Operations team, the successful candidate will provide technical expertise in security monitoring and incident response. You will be responsible for interpreting, analyzing, and correlating complex security events from a distributed and global environment in order to find indicators of compromise. You will also work in close collaboration with internal and external groups to develop new capabilities to improve security situational awareness across the enterprise. This is a hands-on role in a fast-paced team and requires an individual who understands and can effectively respond to cyber-attacks.

Responsibilities:
Identify security issues and risks associated with security events and manage the incident response process.
Participate in the incident response and investigation process for identified security events.
Perform network and system forensics in response to security incidents.
Optimize and customize security-monitoring tools in order to improve detection.
Hunt for signs of APT activities.
Work with various business units to conduct vulnerability scanning and respond to vulnerability reports.
Maintain and update the security operational workflow.
Respond to incident reports.
Requirements:
In-depth knowledge of security monitoring and incident response.
Knowledge of conducting security investigations.
Experience with using and customizing SIEM products.
Solid understanding of network protocols and architecture.
Demonstrated experience with performing digital forensics and incident response using tools such as HX, Mandiant Intelligent Response, FireEye Redline, RedSeal, Encase, or other enterprise tools.
Experience with network intrusion detection and analysis tools such as Bro, Suricata, Sourcefire, Snort and Wireshark.
Demonstrated experience with log analysis and administering enterprise log aggregation systems (Splunk, ELSA, Logstash).
Exposure to advanced malware technologies.
Experience solving problems with scripting languages such as Perl, Python, PowerShell or Bash.

Additional Qualifications:
Bachelor’s degree in computer science (or equivalent) is required.
Prior experience working in information security operations or Security Operations Center is preferred.
At least 4 years of documented information security work experience is required including:
Demonstrated experience operating information security tools is required.
Demonstrated experience integrating information security tools is required.
Demonstrated experience in incident response is required.
Certifications such as CISSP and SANS are a plus.
Understanding of the tactics, techniques and procedures of advanced attackers.
Exposure to protecting cloud-based and distributed infrastructures.
Ability to leverage multiple forms of communication to articulate complex concepts to both technical and non-technical staff, including senior management.
Demonstrated success at communicating in writing to both internal and external stakeholders, including vulnerability researchers.
Experience dealing with public vulnerability disclosure and response.

Note: Applications have been closed.

