Condé Nast is a global media company producing the highest quality content with a footprint of more than 1 billion consumers in 32 territories through print, digital, video and social platforms. The company's portfolio includes many of the world's most respected and influential media properties including Vogue, Vanity Fair, Glamour, Self, GQ, The New Yorker, Condé Nast Traveler/Traveller, Allure, AD, Bon Appétit and Wired, among others.
Job Description
Location:
Chennai, TN
To deliver the above, we are recruiting for the post of Security Operations Centre (SOC) Analyst. The SOC analyst will, reporting to the SOC Manager, participate in the securing of Condé Nast assets across global markets by delivering a dedicated, focused and high-performing function to the organisation, which includes:
- Security Event Monitoring
- Event Triage and Escalation
- Insider Threat monitoring and management
- Security Incident Analysis and Response
- Vulnerability Management
- Threat Review and Analysis
- Threat Hunting
- Escalation point for SOC
The SOC Analyst will have the opportunity to develop skills across a broad range of security tools and solutions, many of which will be cutting-edge.
Required Skills:
- Minimum 8 years of Security Operations experience with at least 7 years of experience working with event monitoring and management, preferably in a SOC setting.
- Run a 24x7 Security Operations Centre (SOC) and ensure seamless delivery of the monitoring service and SLA management.
- Coordinate with global stakeholders to understand the infrastructure, applications and business processes, and thereby the threat hunting and SOC monitoring coverage required.
- Support SIEM platforms to ensure adequate log source integration and fine-tuning.
- Demonstrated experience with endpoint telemetry, malware analysis tools, exploit kits and SIEM platforms (Splunk/IBM QRadar/ArcSight/LogRhythm).
- Tactically support Vulnerability Management (VM) in the areas of security patch and remediation management; must have experience with Rapid7, Nessus, Tenable or similar tools.
- Work with the Security Engineer to ensure all security tools and solutions are properly configured and maintained.
- Incident Response: escalation point of contact for incident response activities; acts as Incident Manager when needed to ensure proper protective or corrective measures have been taken, and follows procedures to contain, analyse and eradicate malicious activity.
- Threat Hunting: leverages emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of an attack. Experience with Threat Intelligence Platforms (TIPs) will be beneficial in developing hunting hypotheses.
- SPAM/Phishing analysis: analyses email-based threats, including understanding of email communications, platforms, headers and transactions, and identification of malicious tactics, techniques and procedures.
- In-depth knowledge of cyber defensive and offensive techniques, malware families, adversary tactics, techniques and procedures, MITRE ATT&CK and NIST frameworks.
- Knowledge of cloud infrastructure and security (AWS, GCP and Azure).
- In-depth knowledge of antivirus products: McAfee/Symantec/Sophos.
- In-depth knowledge of EDR solutions (Sophos XDR/CrowdStrike/FireEye HX/SentinelOne/McAfee EDR/Symantec EDR).
- Hands-on experience managing any of the SOAR solutions (Rapid7 SOAR / InsightConnect / Swimlane / IBM Security Resilient).
- Sound working knowledge of firewalls and VPNs: Palo Alto/FortiGate firewalls; Appgate VPN or any other VPN.
- Hands-on experience with Network Detection and Response tools (Rapid7, Cortex or any other NDR tools).
- Fundamental knowledge of the principles of Identity and Access Management.
- Fundamental knowledge of encryption and PKI.
- Good understanding of proxies, WAF, cyber deception technology, and Windows and UNIX/Linux security best practices.
- Provides audit, analysis and material support for cyber-related validation, certification, standards, governance, process, infrastructure, deployment and ongoing maintenance.
- Experience using a scripting language to automate tasks.
- Good communication and presentation skills.
- Experience of working in a fast-paced, globally dispersed environment.
- Good analytical, problem-solving and interpersonal skills.
Educational Qualifications:
Certification
- CompTIA Security+, CompTIA CySA+, SIEM Associate Admin or any similar SIEM admin certification
- SSCP or similar certification
What happens next? If you are interested in this opportunity, please apply below, and we will review your application as soon as possible. You can update your resume or upload a cover letter at any time by accessing your candidate profile.