Senior Security Analyst- IT Security and Compliance

JOB TITLE: Senior Security Analyst, IT Security and Compliance

COMPANY: Cornerstone

EXPERIENCE:4 + years of relevant exp

LOCATION: Pune (last option Mumbai)

COMPENSATION: 23.5 base LPA(overall CTC 27.5 LPA)

NOTICE PERIOD: 60 days or less

INTERVIEW ROUNDS: 3

ABOUT THE ROLE

We are seeking a highly skilled Cyber Defense Incident Responder to join our enterprise-wide cyber security team. The incumbent will be responsible for promptly identifying, mitigating, and resolving cyber defense incidents to ensure the security and integrity of our systems and data. This role requires expertise in incident response coordination, threat analysis, forensics, technical root cause analysis, trend reporting, proactive CAPA [Correct Actions & Preventive Actions] analysis etc.

KEY RESPONSIBILITIES
Collect intrusion artifacts such as malware, and trojans to facilitate mitigation of potential cyber defense incidents.

Provide expert technical insights to cyber defense engineers across the enterprise to resolve incidents promptly.

Coordinate incident response functions to ensure effective and timely resolution.

Monitor external data sources to stay informed about cyber threats and their potential impact on the enterprise.

Perform trend analysis and reporting to identify emerging cyber defense issues.

Conduct forensically sound collection and inspection of assets for mitigation and remediation.

Analyze alerts & data from organization's internal & public facing assets to determine possible causes and appropriate responses.

Write and publish after-action reviews and incident reports for organizational learning and improvement.

You've Got What It Takes If You Have:
4+ years of experience in cyber defense or incident response roles.

Consideration for privacy and security obligations.

Demonstrated commitment to valuing diversity and contributing to an inclusive working and learning environment.

Hand's on tools/platform experience: SIEM , IDS/IPS , EDR, Forensic Analysis Tools, Network Packet Analyzers, Vulnerability Scanners, Threat Intelligence Platforms, Incident Response Platforms, Malware Analysis Tools, DLP solutions.

CORE COMPETENCIES:

Business Continuity

Computer Forensics

Computer Network Defense

Incident Management

Information Systems/Network Security

Infrastructure Design

System Administration

Threat Analysis

Vulnerability Assessment

CORE KNOWLEDGE:

Understanding of business continuity and disaster recovery plans.

Skill in preserving evidence integrity according to established procedures.

Knowledge of intrusion detection methodologies.

Familiarity with cyber defense policies, procedures, and regulations.

Expertise in network security architecture and protocols.

Proficiency in malware protection techniques.

Understanding of incident response methodologies and timelines.

Ability to perform damage assessments accurately.

Knowledge of cloud service models and their implications for incident response.

Familiarity with system and application security threats and vulnerabilities.

Artificial Intelligence [AI] Security would be an added plus.

CORE TOOLS & PLATFORMS HANDS-ON EXPERIENCE:

• SIEM (Security Information and Event Management): SIEM tools to collect, analyze, and correlate security events from various sources across the network to identify potential security incidents. Examples include Splunk, IBM QRadar, and Elastic SIEM.
• IDS/IPS (Intrusion Detection and Prevention Systems): IDS/IPS tools to monitor network traffic for suspicious activity and can automatically block or alert on potential threats. Examples include Snort, Suricata, and Cisco, Crowdstrike.
• Endpoint Detection and Response (EDR): EDR tools to provide real-time monitoring and response capabilities on endpoints such as desktops, laptops, and servers. Examples include CrowdStrike Falcon, Carbon Black, and Microsoft Defender for Endpoint.
• Forensic Analysis Tools: Tools to help incident responders collect, preserve, and analyze digital evidence from compromised systems. Examples include EnCase Forensic, Autopsy, and Volatility Framework.
• Network Packet Analyzers: Packet analyzers to allow incident responders to capture and analyze network traffic to identify suspicious or malicious activity. Examples include Wireshark, tcpdump, and NetworkMiner.
• Vulnerability Scanners: Vulnerability scanners to help identify weaknesses in systems and applications that could be exploited by attackers. Examples include Nessus, OpenVAS, and Qualys.
• Threat Intelligence Platforms: To aggregate and analyze threat intelligence data from various sources to provide context on potential threats and attacks. Examples include ThreatConnect, Crowdstrike, PaloAlto, Proofpoint , Microsoft Defender, VirusTotal, Alient Vault
• Incident Response Platforms: To help automate and streamline incident response processes, including alert triage, case management, and remediation workflows.
• Malware Analysis Tools: Malware analysis tools to assist in analyzing and understanding the behavior of malicious software. Examples include Cuckoo Sandbox, VirusTotal, IDA Pro, Crowdstrike.

• Data Loss Prevention (DLP) Solutions: DLP solutions to help prevent sensitive data from being exfiltrated or leaked from the organization. They can also assist in incident response by identifying and mitigating data breaches. Examples include Symantec DLP, McAfee DLP, and Digital Guardian.

QUALIFICATIONS:

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
• Certified Information Systems Security Professional (CISSP), Certified Incident Handler (GCIH), or similar certifications preferred.
• Minimum of 4-5+ years of experience in cyber defense or incident response roles.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal abilities.
• Ability to work effectively in a fast-paced and dynamic environment.