Security Operations Analyst, Senior

Confidential, Mumbai
30+ days ago
Job description

What you'll do & how you'll make your mark

  • The Security Analyst is responsible for ensuring the security and integrity of the organization's information systems and data.
  • This role involves identifying and mitigating security risks, reviewing project security requirements, and maintaining compliance with security standards.
  • The Security Analyst will also focus on detection engineering by designing systems to detect malicious activities and implementing automation technologies to streamline security operations, including vulnerability management and incident response.
  • Identify and ensure mitigation of information security risks within the organization's standards, procedures, and practices across various types of projects.
  • Review requests for adherence to security policies, assuring requests are executed correctly.
  • Identify security incidents and respond to ensure threats and risks are contained.
  • Maintain integrity of security controls, toolsets, and other security-relevant services.
  • Develop and analyze security reports, and build presentations as required.
  • Facilitate status reports and other relevant information to compliance staff and department leadership.
  • Monitor and audit systems for security violations, vulnerabilities, and abnormalities.
  • Develop, implement, and maintain alignment with security control frameworks. Make updates to security policies, standards, procedures, practices, and operating procedures, as required.
  • Assist with incident handling and other incident response activities, as required.
  • Complete and monitor the status of corrective action plans, resolve audit findings and security issues, ensuring problems are resolved in an effective and timely manner.
  • Implement and evaluate the effectiveness of data loss prevention (DLP) policies and detections.
  • Design, build, and fine-tune systems and processes to detect malicious activities or unauthorized behaviors.
  • Implement tools, processes, and procedures to identify unusual or suspicious behavior that may indicate a breach.
  • Create actionable alerts based on detected threats to prompt immediate response from concerned teams.
  • Implement automation technologies to streamline security operations such as vulnerability management, threat detection, and incident response.
  • Use automation to reduce incident response time by enabling swift threat remediation through predefined actions.

Who you are & what you'll need to succeed

  • A working level understanding of controls (e.g., access control, auditing, authentication, encryption, and system integrity).
  • Versed in operating systems such as Linux (various distributions) and Microsoft Windows.
  • Experience with Microsoft Active Directory, encryption and algorithms, authorization and authentication mechanisms/software, network monitoring, TCP/IP networks, DNS, next generation firewalls, and intrusion detection/prevention systems.
  • General knowledge of network design and common network protocols, and infrastructure systems.
  • Ability to create scripts to automate processes in PowerShell, Python or Bash is a plus.
  • Ability to recognize and analyze malware.
  • Ability to analyze large data sets and identify patterns and anomalies.
  • Ability to quickly create and deploy countermeasures or mitigations under pressure.
  • Build effective relationships. Develop and use collaborative relationships to facilitate the accomplishment of work goals.
  • Experience with the PCI-DSS, ISO-27001, and/or SOC II compliance frameworks is a plus.
  • Experience implementing and measuring security controls aligned with NIST 800-53 and the Center for Internet Security (CIS) is a plus.
  • Project management skills are a plus.
  • Experience with the following technologies is a plus: SentinelOne Singularity Platform, Tanium, Google Chronicle SIEM, Cloudflare L3-L7 security technologies, Tenable.io, Lacework, Recorded Future, KnowBe4, ServiceNow, Jira, Microsoft Defender for Endpoints, Microsoft Security and Compliance, Microsoft Azure Key Vault.
  • Experience with the native security service solutions for public cloud service providers (AWS, Google, Azure, Oracle) is a plus.

Educational And Certification Requirements

  • A degree in Cybersecurity, Information Technology, Computer Science, or related field is desirable.
  • Industry-recognized certifications are a plus. Certifications may include: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CEH (Certified Ethical Hacker), CompTIA Security+, certifications issued by the SANS Institute, etc.
  • Certifications issued by public cloud providers (AWS, Azure, Google, Oracle, etc.) are a plus.

Skills Required

    Encryption, Auditing, Security Analyst, Authentication
