Security Analyst - CERT Team

Offer published on 17 02 2025
Location: Pune, India
Sector: IS&Digital
Contract type: Regular


KEY EXPECTED ACHIEVEMENTS

1. Security Incident Handling:

  • Analyze and confirm the severity of security incidents based on available data.
  • Follow documented incident response procedures to resolve threats efficiently.
  • Collaborate with technical experts to develop and implement remediation plans.
  • Track and monitor corrective actions, ensuring stakeholders are informed and engaged.
  • Write detailed incident reports, including "hot" and "cold" feedback, for major incidents.
  • Participate in crisis management, including artifact collection, risk analysis, and first-level threat assessments.

2. Projects, Continuous Improvement, and Expertise Sharing:

  • Stay updated on the latest incident response techniques through training and daily monitoring.
  • Provide technical expertise for projects, including tool evaluations, risk analysis assistance, and technical audits.
  • Propose and develop new detection scenarios, automation tools, or enhancements to improve productivity.
  • Conduct team knowledge-sharing sessions by presenting in-depth technical topics.
  • Contribute to the broader expertise missions within the team based on skillsets.

Experience Requirements:

  • 10–12 years of relevant experience in cyber security, with a focus on security incident handling, detection, and analysis.

Qualifications and Skills:

Technical Skills:

  • Data Analysis & SIEM Tools:
    • Proficient in SPL (Search Processing Language) for data analysis, threat hunting, and creating dashboards.
    • Strong experience with SIEM tools such as Splunk (preferred), QRadar, or Sentinel.
  • Endpoint Protection (EPP) & Endpoint Detection and Response (EDR):
    • Hands-on experience with tools such as:
      • Trend Micro Deep Security
      • Microsoft Defender
      • Palo Alto Cortex
      • Tehtris eGambit
  • Network Security & Firewalls:
    • Knowledge of firewalls, IDS/IPS, VPNs, and network devices such as:
      • Cisco
      • Palo Alto GlobalProtect
    • Proficiency in analyzing firewall logs and interpreting PCAPs using tools like Wireshark.
  • Operating Systems & Scripting:
    • In-depth understanding of Windows and Linux log analysis.
    • Knowledge of PowerShell scripting and other system scripting languages.
  • Investigative Skills:
    • Ability to autonomously investigate alerts from detection to resolution.

Behavioral Competencies:

  • Strong analytical and problem-solving skills.
  • Ability to work independently while collaborating with a global team.
  • Excellent communication and report-writing skills.
  • Passion for continuous learning and knowledge sharing.
  • Flexibility to work in a fast-paced environment and support on-call rotations.

Availability

The role operates on a follow-the-sun model, requiring collaboration with the global Group CERT team. Analysts must work 3-4 days from the office and be available on a rotation basis for weekend on-call support.