Sr. Analyst- SOC | On-Site, Bangalore at Optiv

Bengaluru, Karnataka, India

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

CybersecurityIndustries

Requirements

6 or more years of full-time professional experience in the Information Security field
Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or enterprise network environment as a point of escalation
Excellent time management, reporting, and communication skills including customer interactions and executive presentations
Data analysis using SIEM, Database tools, and Excel
Experience troubleshooting security devices and SIEM
Ability to create and maintain content within SIEM environments and make recommendations to clients to better their visibility
IDS monitoring/analysis with tools such as Sourcefire and Snort
Experience with SIEM platforms preferred (Exabeam, Elastic, SentinelOne, QRadar, LogRhythm, McAfee/Nitro, ArcSight, Splunk)
Direct (E.g., SQL Injection) versus indirect (E.g., cross-site scripting) attacks
Experience with the following attacks: Web Based Attacks and the OWASP Top 10, Network Based DoS, Brute force, HTTP Based DoS, Denial of Service, Network Based / System Based Attacks
Familiarity with SANS top 20 critical security controls
Understand the foundations of enterprise Windows security including Active Directory, Windows security architecture and terminology, Privilege escalation techniques, Common mitigation controls and system hardening
Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS)
Experience in monitoring at least one commercial AV solution such as (but not limited to) McAfee/Intel, Symantec, Sophos, or Trend Micro
Ability to identify common false positives and make suggestions on tuning
Understanding of root causes of malware and proactive mitigation
Propagation of malware in enterprise environments
Familiarity with web-based exploit kits and the methods employed by web-based exploit kits
Familiarity with concepts associated with Advanced Persistent Threats and “targeted malware.”
Experience and understanding of malware protection tools (FireEye) and containment

Responsibilities

Provide deep-level analysis for client investigations utilizing customer-provided data sources, audit, and monitoring tools at both the government and enterprise level
Work closely with Technology Engineers, Architects, and Threat Analysts to service customers
High level professional writing experience regarding documenting and reporting on potential security incidents identified in customer environments to include timeline of events
Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets
Provide analysis on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc
Perform knowledge transfers, document, and train clients regarding mitigation of identified threats
Provide ongoing recommendations to peers and customers on tuning and best practices
Actively research current threats and attack vectors being exploited in the wild
Actively work with analysts and perform investigations on escalations
Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach
Provide gap analysis for clients to better their security posture
Maintain and develop SOPs for threat analyst team
Develop and maintain Playbooks and runbooks
Work with internal teams to increase efficiency and effectiveness of security analysis provided by the threat analysis team
Training of new analysts on security and tools
Create and maintain Content Catalog based on security essentials and the evolving threat landscape
Provide quality assurance (QA) review of security alerts handled by Team members

Skills

SIEM

Anti-Virus

Content Filtering

Malware Prevention

Firewalls

Intrusion Detection Systems

Web Application Firewalls

Messaging Security Platforms

Vulnerability Scanners

Optiv

Cybersecurity advisory and solutions provider

About Optiv

Optiv helps businesses manage and reduce cyber risks by providing advisory services and solutions tailored to their specific needs. Their services cover the entire cybersecurity lifecycle, including strategy development, technology validation, and implementation of security measures. They serve nearly 6,000 clients across various industries, such as retail, manufacturing, and healthcare, ensuring that sensitive information is protected and digital systems remain secure. Unlike many competitors, Optiv focuses on customized solutions and ongoing support, adapting to the evolving cybersecurity landscape. Their goal is to empower organizations to secure their operations effectively and prepare for future challenges in technology, such as AI and IoT.

Denver, ColoradoHeadquarters

2015Year Founded

$12MTotal Funding

ACQUISITIONCompany Stage

Cybersecurity, AI & Machine LearningIndustries

1,001-5,000Employees