


Security Operations Analyst (Full-time)

at BMC Software in Pune (Published at 29-09-2017)

The BMC Information Security Team is in search of a Security Analyst for our Information Security Operations (ISOC) in Pune, India. We are recruiting analysts who are results-oriented, multi-disciplined and comfortable operating and maintaining secured solutions for platforms running mission-critical business applications in a homogeneous environment, at the enterprise level. The person is expected to work both independently and with a team of other security incident handlers, handling complex assignments and situations with unstructured interaction.
Scope of Work
Security Monitoring
• Provide Information Security Operations Center (ISOC) support on a 24x7x365 basis through rotating shift work.
• Monitor multiple security alert sources, eliminate false positives, triage significant security events based on the impact and nature of the security incident, and escalate per the established procedures.
• Review automated daily security reports of key security controls, identify anomalies, escalate critical security events to the appropriate stakeholders, and follow up as required.
Security Incident Response
• Conduct thorough investigative actions based on security events and remediate as dictated by standard operating procedures
• Participate in all the phases of security incident response process, including detection, containment, eradication, and post-incident reporting.
• Record detailed Security Incident Response activities in the Case Management System.
• Perform memory forensics wherever required.
Malware Analysis
• Analyze, evaluate, and document malicious code behavior. Analysis will include static and dynamic analysis using industry standard tools and techniques, identifying exploit methods and targeted vulnerabilities where applicable.
• Ensure the accuracy and integrity of information throughout reporting.
• Participate in directed research and development tasks.
• Complete other tasks as directed by the ISOC Lead.
• Enhance and develop tools to identify unknown malware (including zero-day) using various characteristics of a file format including structure and location.
• Assist the ISOC Lead in developing and setting up frameworks for developing a security incident response toolkit.

Additional Duties
• Act in the Shift Supervisor role when required, running the shift and assuming the shift leader responsibilities.
Selection Criteria:
• Bachelor's degree in computer science, information technology, systems engineering, or a related field.
• Minimum 2 years of Information Security experience required; freshers might be considered provided they have formal education in the field of Information Security.
• Understanding of how operating systems work and how malware exploits them.
• Understanding of network traffic and the ability to analyze network traffic introduced by malware.
• Thorough understanding of Windows Internals and memory management.
• Knowledge of common hacking tools and techniques
• Experience in understanding and analyzing various log formats from various sources.
• Experience in analyzing reports generated by SIM/SEM tools.
• Proficient experience with the following concepts and related toolsets:
o Network sniffers
o Process analysis tools
o Registry analysis tools
o File analysis tools
o Memory analysis tools
Preferred Skillsets / Requirements
• GIAC Certified Intrusion Analyst (GCIA) or GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensics Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM)
• Client Understanding and Advising - Looks at issues from the client’s perspective and takes action beyond normal expectations to ensure client satisfaction.
• Learning Orientation - Stays abreast of new trends and developments in own specialty area, the broader industry, and exposes self to increasingly more challenging projects and opportunities to learn.
• Broad Business Thinking - Maintains an in-depth understanding of the long term implications of decisions both for department and the client’s business. Ensures that decisions are supported by relevant stakeholders as well as sound performance data.
• Compliance with Standards - Monitors and maintains records on requests for information and assistance.
• Information Systems / Technologies / Product / Services Knowledge - Resolves escalated problems of Service Desk.
• Knowledge of Emerging Technology - Tests new technology to evaluate capability compared to specifications.
• Negotiation - Investigates areas of disagreement.
• Risk Management - Reduces risk by solving day-to-day problems as they arise and takes action to prevent problems from recurring.
• Lead and Innovate - Brings new and different insights.
• Deliver Results for Clients - Contributes to delivery of results for clients on complex issues.
• Collaborate Within Teams and Across Boundaries - Collaborates within team and across boundaries.
• Create, Apply and Share Knowledge - Actively contributes to and readily applies knowledge for internal and/or external client solutions.
• Make Smart Decisions - Leverages available data and makes timely decisions.

Note: Applications have been closed.
