Senior Security Analyst ( Threat Intelligence )


1 Nos.
47581
Full Time
2.0 Year(s) To 5.0 Year(s)
6.00 LPA TO 12.00 LPA
IT Infrastructure & IT Security / Support
Security/Law Enforcement
B.Tech/B.E. - Computers; B.Tech/B.E. - Other Engineering; BCA/BCS - Computers; MCA - Computers
Job Description:

Threat intelligence is evidence-based information, including context, mechanisms, indicators of compromise, implications, and actionable advice, about existing or emerging hazards to assets. Threat intelligence allows IT professionals to make decisions and take action accordingly. Positions in this function are involved in the body of technologies, processes, and practices designed to monitor cyber threats, defend networks, and counter identity theft or brand impersonation, including firewalls, digital forensics investigative services, and incident management.

 

Primary Responsibilities:

Proficiency in developing detection signatures such as YARA, OpenIOC, and Snort, and an understanding of Python, STIX, and TAXII.
Functional understanding of Threat Intelligence lifecycle, MITRE ATT&CK Framework, NIST Framework, and Kill-Chain model.
Understanding of detailed analysis of network packet captures, DNS, proxy, NetFlow, malware, host-based security and application logs, as well as logs from various types of security sensors.
Strong experience in analyzing the Deep & Dark Web and synthesizing actionable threat intelligence via open-source tools
Good hands-on experience in cyber security research & development
Deep understanding of Attack Surface Monitoring
Threat & Vulnerability Management
Penetration Testing & Reverse Engineering
Analyze network traffic, IDS/IPS/DLP events, packet capture, and FW logs.
Strong knowledge of common tactics, techniques, and procedures (TTPs) used by cyber adversaries and attributing them to threat actor(s) or APT groups.
Proven research skills involving deep-dive OSINT research techniques in generating raw data & advisory reports.
Successful experience in any combination of Threat Intelligence or CSIRT or Security monitoring, typically.
A proven track record with writing detailed security threat reports
 
Vulnerability Assessment & Penetration Testing:
 
 In-depth understanding of frameworks such as CVE, NVD, CVSS, CREST, MITRE, OWASP
 Conduct vulnerability assessments and penetration tests using various open-source and commercial tools such as Nessus, Nmap, Metasploit, and Kali Linux penetration testing tools
 Good knowledge of server-side vulnerabilities (especially those which lead to / can be chained to RCE)
 Good understanding of Mobile and/or web application reversing
 Email, phone, or physical social-engineering assessments
 Shell scripting or automation of simple tasks using Perl, Python, or Ruby
 Developing, extending, or modifying exploits (ability to chain multiple vulnerabilities)
 Web Services / Application Programming Interface (API) Penetration Testing
 Network, Mobile Application Penetration Testing & Thick Client Penetration Testing
 Enhancing and updating testing methodologies, processes and standards documentation
 Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
 
Pre-Requisites:
Any Graduate in Computer Science, Information Technology, Information Security, or related field
Must be from a technical background (B.Tech/ BCA)
Excellent communication & presentation skills
Must have an ability to work independently
Should have technical acumen and a go-getter attitude
Certifications good to have: CEH, PNPT, OSCP, ePPTx, SANS, CTIA
Ability to multi-task
General professional writing proficiency
 
 
 
Offered Benefits / Facilities :
  • Opportunity to work in a customer-facing environment
  • Fast-paced learning culture
  • Flexi work environment
  • Best in industry remunerations
  • Rewards and Awards Programs
  • Semi-Annual Performance review cycle (Post Anniversary appraisal)
  • Health insurance worth 5,00,000 and accidental insurance worth 2,00,000 for all employees
  • Hybrid work culture and environment
  • Opportunity to develop skills & knowledge in various domains.
Company Profile

The company is a globally recognized CERT-In empanelled and ISO 27001 certified organization. Established in January 2018, the company offers the full gamut of cyber security services: Data Governance & Protection, IT Audit & Assurance, Compliance Management, Vulnerability Management.
