Cyber Security SIEM Analyst Full-time

at Ascena Retail in Bangalore (Published at 13-08-2018)

Job Summary:
The individual in this position will be part of a team of SIEM analysts responsible for working in the Ascena SOC, handling the care and feeding of our SIEM solution. This role will be expected to configure logs, update documentation, install SIEM-related tools/plug-ins/add-ons, troubleshoot SIEM connectors/forwarders, and create new runbooks for new processes. The right candidate for this role will be technical and must be able to document processes as they change. The right candidate will also be able to communicate and coordinate effectively with teammates and leadership.

Roles & Responsibilities:
• Ensure all necessary log source feeds are flowing and tuned, if needed.
• Aid in the creation of dashboards, reports, use cases, and other ad hoc operational tasks.
• From time to time, as directed, perform threat hunting activities looking for IOCs in multiple tools and log sources.
• Assist in building SOC and CSIRT processes, procedures, and training.
• Identify risks to the organization in whatever form they present themselves.
• Perform network, host, and memory forensic analysis on various operating systems and
• Analyze advanced malware samples and remediate threats to users and assets.
• Leverage the ability to identify new attack TTPs and recommend mitigation techniques.
• Build scripts, tools, or methodologies to enhance incident investigation processes.
• Conduct host and network analysis, forensics, log analysis, and malware triage in support of incident response investigations.
• Maintain an understanding of current vulnerabilities and of the response and mitigation strategies used in security operations.
• Monitor, report, and enforce compliance with security policies and standards.
• Serve as an active participant in the information security governance process.
• Maintain a knowledge base comprising a technical reference library, security advisories and alerts, and information on security trends and practices.
• Work with IT leadership and business stakeholders to report metrics and reporting strategies that effectively communicate the successes and progress of the security program.

Technical Skills:
• Applied knowledge of endpoint attack methods.
• Applied knowledge of incident response practices, including incident management, coordination, analysis, and investigation.
• Intermediate skills using the Windows command line, PowerShell, and Linux Bash.
• Advanced knowledge of the threat and vulnerability landscape.
• Advanced knowledge of enterprise operating systems (Windows, Linux (RHEL) and AIX UNIX), IAM, anti-malware (EPP and EDR), automated policy compliance, and desktop security tools.
• Knowledge of network infrastructure, including routers, switches, firewalls, and acceptable protocols, ports, and concepts.
• Knowledge of application security testing (static, dynamic) and cloud security concepts.
• Knowledge of security models and frameworks (SANS Top 20, FAIR, ISO 27002).
• Experience with regulatory guidelines (PCI, SOX, HIPAA, etc.).

Education and Experience:
• 4+ years of experience with processes, tools, and SOC procedures.
• Technical industry certifications (OSCP, GIAC, SANS, CISSP, etc.) and/or a Bachelor's degree in a computer-related discipline.
