Information Security Analyst, Managed Services
Location
Work from home | India
Job description
- SecurityScorecard s Information Security Analyst is a key role within our Managed Services practice of our broader Professional Services Team This position will provide technical analysis of high volume information to detect, identify and respond to cyber threats on our Customer s behalf
- You will work within our custom tools and our SecurityScorecard platform to operationalize our Customer s third- and fourth- party vendor risk management programs
- You will apply a security practitioners mindset to vendor management problems to ensure our Customers are protected and informed across their vendor ecosystem
What You ll Do:
- Responsible for daily analysis and monitoring of security and third party vendor risk management
- Monitor SIEM, EDR, and other security tools for detection and identification of security events
- Proactively research emerging cyber threats. Apply analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits;
- Perform threat hunting to identify potential security threats, as well as vulnerability and threat intelligence research for specific attacks
- Tune endpoint and network security tools as needed, understand their configuration and setting options
- Review threat intelligence reports and communicate TTPs (techniques, tactics and procedures) to Customers
- Become an expert in the SecurityScorecard platform, utilizing the product to import, monitor and respond to risks in a Customer s vendor ecosystem
- Provide feedback, design or create scripts/tools to automate repetitive tasks observed in daily operations
- Contribute to the managed services team by consulting with others on information security topics, conducting training, and documenting recommendations and exceptional deliverables to raise overall awareness on good cyber hygiene.
What We need you to have:
- At least 3+ years of information security experience
- 5 years of general experience in a technology discipline
- Proven expertise with various security tools including IDS/IPS, SIEM, endpoint protection, proxy, cloud security, and vulnerability scanners.
- Knowledge of at least one of the major information security management systems such as NIST CSF, NIST SP800-53 or ISO27000.
- Hands-on experience in at least one technical cybersecurity domain such as security monitoring, incident response, cloud analytics, threat intelligence or security training.
- Excellent written and verbal communication skills.
- Ability to lead an informed discussion and bring clients to understand information security risks and needs.
- At least one certification in the following list: CompTIA Security+, CEH, GCIH, GCFA, GNFA, GCTI, CISA or CRISC is desired.
Benefits:
Specific to each country, we offer a competitive salary, stock options, Health benefits, and unlimited PTO, parental leave, tuition reimbursements, and much more!
Job tags
Salary