Security Analysis Specialist Advisor

Location

Noida | India

Job description

Req ID: 272823

NTT DATA Services strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Security Analysis Specialist Advisor to join our team in Noida, Uttar Pradesh (IN-UP), India (IN).

Cyber Security Operations Specialist Advisor

The Threat Hunter, Advanced Security Analytics is a member of a team who proactively manages IT security on behalf of customers to reduce the impact of security incidents and system compromises. The successful candidate will provide security monitoring, level 2 and 3 event analysis, and countermeasure proposals. This position requires shift work in a 9/5 environment during US business hours and after-hours work may be required.

-Leads the Cyber Threat Hunt function with SOC Analysts, Incident Responders and Threat Managers.

- Conduct threat hunting and analysis using various toolsets based on intelligence gathered

- Actively hunt for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) in the network and in the host as necessary.

- Search network flow, PCAP, logs, and sensors for evidence of cyber-attack patterns, and hunt for Advanced Persistent Threats (APT)

- Create detailed Incident Reports and contribute to lessons learned in collaboration with the appropriate team

- Analyze network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture

- Monitor open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs

- Provides guidance to contracted subordinates within the latitude of established policies.

- Recommends changes to policies and establishes procedures that affect immediate organization(s).

- Methodically examine all collected windows/linux host data for evidence of intrusion, malware, or unauthorized activity.

- Directly support the provide incident response support for critical security incidents as they arise

- Familiarity with offensive strategies and assessment methodology

- Work/Assist SIEM Admin team to create new use cases and provide them with all the required details.

• • Bachelor's degree in related filed, to include computer science, or equivalent combination of education and experience
  • 6 years of SIEM, or SOC experience
  • Strong communication, written, and verbal skills
  • Experience with writing/creation of formal documentation such as reports, slide decks, and architecture diagrams
  • Customer service/support experience
  • Ability to conduct in-depth forensic analytical studies and investigations
  • 8-10 Yrs. of relevant experience.

• • Splunk certification
  • Coding or scripting experience
  • Strong knowledge of Unix/Linux
  • Security+, GIAC, SSGB, ITIL, or similar certification
  • Working knowledge of applicable industry controls such as NIST 800-536 or Mitre Attack Framework

• • Typically requires 10-12 years relevant experience.

• Ability to perform general office requirements.
  • Must be able to perform essential responsibilities with or without reasonable accommodations.

Job tags

Salary