Overview:
As a Security Analyst, you will play a critical role in safeguarding our organization’s data and information systems. Your expertise in cybersecurity will be essential for identifying and mitigating potential security threats and vulnerabilities. If you’re passionate about protecting digital infrastructure and staying ahead of emerging risks, this role is for you.
Responsibilities:
1. Expert on any SIEM tool, with the delivery objectives below:
o Design and implement SIEM solutions using the chosen tool to detect and respond to security incidents.
o Work with the security operations team to ensure that the SIEM system is configured and optimized to detect and respond to security incidents.
o Develop and maintain SIEM dashboards, alerts, and reports.
o Create and maintain SIEM use cases to detect specific security threats.
o Analyse SIEM data to identify trends and patterns.
o Troubleshoot and resolve SIEM-related issues.
o Perform SIEM upgrades and patching.
o Provide training and support to the security operations team on the use of the SIEM system.
o Documentation, reporting, presentation, teamwork, and DHS-wide collaboration are among the expected duties and mission of the task order.
2. Security Assessments and Audits:
o Conduct regular security assessments and audits to identify potential vulnerabilities.
o Implement and maintain security protocols and procedures to protect information systems and data.
3. Monitoring and Threat Detection:
o Monitor network traffic for suspicious behaviour and identify potential threats.
o Respond to and investigate security incidents and breaches promptly.
4. Stay Informed and Proactive:
o Stay up to date on the latest intelligence, including hackers’ methodologies, to anticipate security breaches.
o Develop strategies to handle security incidents and coordinate responses effectively.
5. Education and Documentation:
o Educate staff on information security through training and awareness programs.
o Document security breaches and assess the damage they cause.
6. Tools and Countermeasures:
o Recommend and install appropriate tools and countermeasures to prevent cyber-attacks.
7. Collaboration and Best Practices:
o Collaborate with management to create an organization-wide best practices policy for cybersecurity.
o Cross-functional training: share your knowledge with peers and learn from them in turn.
· Experience: Minimum 5 years of relevant experience in security analysis.
· A deep understanding of the following is required in order to correlate findings to identified vulnerabilities:
1. AD server (Windows 2012 and 2019)
2. Cisco core switches
3. Meraki / FortiGate firewall
4. Physical servers, switches and storage
5. Virtual machines
6. VMware / Proxmox (optional; can be trained)
7. Understanding of cloud platforms is a plus.
The resource must be able to understand routing, VLANs, network ACLs, wireless enterprise authentication (802.1X), AD NPS, AD DS, GPO, DNS, Certificate Authority, DHCP, firewall policies, IDS/IPS policies, application/web content policies, policy-based routing, VPN, SD-WAN (understanding), and NAC (optional).
· Skills:
o Proficiency in security log analytics.
o Strong understanding of, and hands-on experience with, information technology and security systems.
o Familiarity with the latest security principles, techniques, and protocols.
o Relevant experience as a security professional working in healthcare / ITeS / BPO or similar sectors.