LEVEL 2 SECURITY ANALYST JOB DESCRIPTION

NetSentries is a fast-growing company specializing in information security services. We are looking for experienced Security Analysts (Level 2) for our office in Cochin.

As a Level 2 Security Analyst you will be responsible for the following:

  • Create rules, filters, active channels, queries, trends and all other informational content based on use cases
  • Develop, implement, maintain and execute standard content development practices for the SIEM platform
  • Work with business unit SMEs on use cases and to create correlation rules and content that is relevant to that business unit
  • Communicate and collaborate with security operations centre analysts to optimize HP ArcSight performance to better meet the needs of operations
  • Tune correlation rules and event data quality to maximize SIEM system efficiency
  • Provide support, recommendations and optimization for the SIEM platform

This position supports clients that are typically highly regulated companies with comprehensive security and control needs. Hence the ideal candidate for this position should have:

  • Experience in managing multiple SOC customers
  • Strong troubleshooting skills and knowledge of SIEM technologies such as QRadar, ArcSight, RSA Envision etc.
  • Possess TCP/IP networking skills for performing network troubleshooting to isolate and diagnose common network problems
  • Respond to customer queries regarding their access to network resources through their managed device
  • Ability to resolve problems independently and understand the escalation procedure
  • Interface with onsite clients to understand the quality aspects and expectations, as needed
  • Collaborate effectively with local team members and offshore staff to create ‘best practice’ processes
  • Proven knowledge and expertise in SIEM administration tasks, including troubleshooting of various SIEM components
  • Experience in event monitoring, correlation, event analysis, investigation and remediation of security events
  • Experience in designing and implementing a Security Incident Management Process
  • Good knowledge of various security technologies
  • Knowledge of TCP/IP protocols and analysis
  • Knowledge and experience in security products such as Firewalls, DLP, and next-gen devices is an added plus
  • Relevant professional experience including working knowledge or high-level awareness of the following technologies:
      • Log Management and SIEM (e.g. Splunk, IBM QRadar, HP ArcSight, etc.)
      • Firewalls (e.g. Palo Alto Networks, Checkpoint, Cisco ASA, Juniper SSG, pfSense, etc.)
      • Routers (e.g. Cisco, Juniper, etc.)
      • Network Analysis Tools (e.g. Netwitness, Wireshark, etc.)
      • System Analysis and Forensic Tools (e.g. FTK, EnCase, etc.)
      • Endpoint Security (e.g. Bit9, Carbon Black, Symantec, McAfee, Forefront, etc.)
      • Windows Management (e.g. WSUS, SCCM, SCOM, Active Directory, Group Policy Objects, etc.)
      • Vulnerability Management (e.g. NeXpose, Tenable Nessus, etc.)
      • Penetration Testing Tools (e.g. Metasploit, Backtrack, Kali, etc.)
      • Operating Systems (e.g. Windows Server 2008/2012, CentOS Linux, OSX, etc.)
      • Enterprise Microsoft Solutions (e.g. Exchange, SharePoint, Lync, etc.)
      • Regulatory Regimes (e.g. ISO27K, SSAE16, HIPAA, PCI, FISMA, etc.)
      • Internet Policy Enforcement, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions
  • CISSP / CISA / CEH / ECSA / CHFI or other information security certifications

If you are looking for a work environment filled with learning and if your profile matches the job description, please send your detailed resume to careers@netsentries.com
