Sr Analyst, Info/Cyber Security, Incident Response & Handling

This role of Security Analyst - Incident Response will perform the computer incident response function of the Security team at Skillsoft. This analyst will work closely with the other teams across Skillsoft and help mature a constantly evolving computer network defense program. This analyst provides procedural expertise on a day-to-day basis and is responsible being responsive and timely in analyzing & responding to critical events.

OPPORTUNITY HIGHLIGHTS

• Respond to threats within our corporate, production environments.
• Build, execute and refine on incident response plans, identify root cause and drive mitigations to prevent future occurrences.
• Gather, mentor and provide insights to team members in technical detection and response best practice.
• Identify and execute on projects that improve intrusion detection and incident response capabilities by collaborating with the security platform engineering team.
• Refine incident response procedures. Improve existing and create new investigation & remediation workflows - automation, context, and orchestration.
• Be a part of Skillsoft line of defense. We handle active security events and cutting-edge threats from a variety of sources, you will be part of a global cybersecurity team.
• Assist in mitigating future threats and closing gaps through analysis of recurring incident trends - maintain incident metrics and assist in reporting to leadership.

SKILLS & QUALIFICATIONS:

• Bachelor’s degree in computer science, Information Systems, or related field required.
• Typically requires 4 - 6 years of experience in related field specifically In the areas of security Incident response and handling.
• Advanced understanding and experience in Incident Response and associated best practices.

• Good hands-on knowledge of Microsoft security tool stack and its implementation, preferably Microsoft Sentinel and Defender but not limited to the same.
• Good hands knowledge on threat detection, DLP and other security tools.
• Good hands-on knowledge DNS security tools, PAM tools.
• Good hands-on knowledge on the MITRE ATT&CK Framework and understanding the latest threat landscape, prepare use-case and develop them Into detection rules with security engineering team.
• Experience in identifying, analyzing, scoping, containing, and eradicating real-world threats.
• An understanding of the current threat landscape and adversary tactic, techniques, and procedures (TTP's).
• Strong cross-functional orchestration skills.
• The ability to lead through influence.
• Strong written and oral communication skills.
• Knowledge of enterprise-scale security technologies and capabilities to include SIEM, log analysis, incident case management, HIDS/NIDS, antivirus, full packet capture, malware analysis, firewall, remote forensics, user behavior analytics.
• Strong continuous process design and improvement skills.
• Knowledge of Linux, Windows, and OS X operating systems.
• Knowledge of network and host-based forensic methodologies.
• Good knowledge In handling tickets and operational activities.
• Ability to work in shifts as per the requirements of the team and organization.