Associate-Threat Analyst Job in Bengaluru at Optiv

Optive is hiring for the role of Associate Threat Analyst!

Responsibilities of the candidates:

• Analyze, document and report on potential security incidents identified in customer environments.
• Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets.
• Provide triage on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc.
• Perform knowledge transfers, document, and triage client’s issues regarding mitigation of identified threats
• Provide ongoing recommendations customers on best practices
• Actively research current threats and attack vectors being exploited in the wild
• Utilize defined SOP’s and KB’s
• Performs other duties as assigned
• Complies with all policies and standards

Requirements:

• Less than 2years of working with Incident Ticketing Systems (i.e. ServiceNow, Remedy, Remedy Force, Heat, etc.). required
• Desire to gain full-time professional experience in the Information Security field
• Excellent time management, reporting, communication skills, and ability to prioritize work
• Customer interactions and working through various issues
• Base knowledge of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM, and AV
• Ability to work customer’s environments to report on critical security events
• Ability to troubleshoot technical problems and ask probing questions to find the root cause or a problem
• Queue management
• Data analysis using SIEM, Database tools such as Elastic, and Excel
• Experience troubleshooting security, network, and or endpoints
• IDS monitoring/analysis with tools such as Sourcefire and Snort
• Experience with SIEM platforms preferred (QRadar, LogRhythm, Exabeam, Securonix, and Splunk)
• Familiarity with web-based attacks and the OWASP Top 10 at a minimum
• Attack vectors and exploitation
• Mitigation, Active Directory
• Direct (E.g. SQL Injection) versus indirect (E.g. cross-site scripting) attacks
• Common system hardening best practices
• Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS)
• Propagation of malware in enterprise environments
• Experience with malware protection tools such as FireEye a plus.
• Understanding of malware mitigation controls in an enterprise environment.
• Network Based Attacks / System Based Attacks
• Familiarity with vulnerability scoring systems such as CVSS
• Basic understanding of vulnerability assessment tools such as vulnerability scanners and exploitation frameworks
• Eligibility to obtain security clearance
• Shift flexibility, including the ability to provide on call support when needed
• This role is Work from Office and 24/7 shifts