Responsibilities: * Conduct threat analysis using SOC tools like QRadar & LogRhythm. * Collaborate with incident response team on security incidents. * Monitor network activity for suspicious behavior.
Job Description CyberSecOn is looking for a talented and dedicated Cyber Security Analyst who can work remotely. A Cyber Security Analyst is responsible for maintaining the security and integrity of data. The security analyst must possess knowledge of every aspect of information security to protect company assets from evolving threat vectors.The main responsibilities will include: Monitor and investigate security events and alerts from various sources, such as logs, network traffic, threat intelligence, and user reports. Conduct proactive and reactive threat hunting campaigns to uncover hidden or emerging threats on the cloud environment. Perform root cause analysis and incident response to contain and remediate cloud abuse incidents. Document and communicate findings, recommendations, and lessons learned to relevant stakeholders and management. Develop and update cloud abuse detection rules, indicators, and signatures. Research and stay updated on the latest cloud abuse trends, tactics, techniques, and procedures (TTPs) of threat actors. Provide guidance and training to other security teams and cloud users on best practices and standards for cloud security. Manage multiple client environment cyber security infrastructure and applications. Knowledge of ServiceNow, Zoho desk, Jira/Confluence, etc. Perform vulnerability risk reviews using Qualys, Rapid7 and/or Tenable. Responsible for managing and improving the defined patch management & configuration review process and activities. Proactively manage applications, infrastructure security & network risks; ensuring security infrastructure aligns with companys compliance requirements. Skills & Experience: 4 years + years of experience in a security analyst role, preferably in a SOC environment. Good knowledge on security analyst, engineering, and project management experience Experience in client management for security projects. Knowledge and hands-on experience with SIEM technologies such as Microsoft Sentinel, Rapid7 Insight IDR, Wazuh, etc. Create play books and automation on Microsoft sentinel is desirable. Strong experience in Virtualisation, Cloud (Azure, AWS, other service providers) design, configuration, and management. Ability to manage priorities, perform multiple tasks and work under dynamic environment and tight deadlines. Ability to perform vulnerability assessments, penetration testing using manual testing techniques, scripts, commercial and open-source tools. Experience and ability to perform Phishing campaign and/or similar social engineering exercise. Subject matter expert in one or multiple areas as Windows, Unix, Linux OS. Vendor or Security specific certifications is preferred. Demonstrated analytical, conceptual and problem-solving skills. Ability to work effectively with limited supervision on multiple concurrent operational activities. Ability to communicate effectively via email, report, procedures in a professional and succinct manner. Preferred : Candidates who can join immediately or within 15 days.