Advanced analyst

Job Description

• Vulnerability Management.
• Inhouse SOC team member (preferrable).
• Must have expert networking protocol knowledge.
• Able to demonstrate an understanding of current offensive / defensive computing and forensics.
• Should be able to provide threat Intel services.
• Prior experience detecting, analyzing and/or responding to security incidents.
• Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies.
• Good Communication skills.
• Hands-on experience with common security technologies (IDS, Firewall, Rapid7, EDR, Microsoft security suite etc.)
• Understanding of common security threats, attack vectors, vulnerabilities, and exploits
• Shift work, with flexibility to cover both day and nighttime shifts.
  
  

• Provide incident response as part of the 24x7 Security Operations Center
• Manage the security vulnerabilities and risks across WB including identifying, supporting application/system owners to manage risks and remediate vulnerabilities.
• Work closely with both business-oriented executives and technology-oriented personnel to ensure adequate processes are in place and actions are being taken to mitigate identified risks proactively.
• Develop strategies to identify, manage, and mitigate identified threats and vulnerabilities to attain desired risk profile and communicate strategies to key stakeholders.
• Produces and regularly evaluates all TVM programs and process related documentation.
• Ensure effective and complete scanning of the test, corporate and production environments.
• Create projects within the tool and monitor the progress & regular follow ups with Patching team and application & server owners.
• Monitoring of events & alerts from a multitude of technologies to detect malicious activity.
• Detailed analysis using a variety of tools and techniques to investigate, navigate, correlate, and fully understand security incidents of the data available.
• Conducts initial triage of security events and incidents. Facilitates communication within the SOC and documents progress throughout the Incident Response Lifecycle.
• Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and correlation with different security tools.
• Proper escalation and hand-off of security incidents for containment and remediation.
• Tuning of rules, filters, and policies for detection-related security technologies to improve accuracy and visibility.
• Jumping on the call with Vendors and other teams to discuss issues / to get their requirements and deliver the same in the form of projects.