Post:
Cyber Security Analyst L3
Total Vacancies:
Department:
IT
Description:
Key Responsibilities:
1. Threat Investigation & Incident Response:
o Develop and implement advanced investigation strategies for cybersecurity incidents.
o Conduct detailed log analysis to identify threats, anomalies, and potential breaches.
o Perform malware analysis to understand behavior and mitigate threats.
o Manage end-to-end incident response processes and root cause analyses.
2. Open-Source SIEM Expertise:
o Operate and integrate open-source SIEM platforms such as Wazuh, AlienVault, and others.
o Configure and fine-tune SIEM to enhance log ingestion, rule creation, and threat detection.
3. Endpoint Detection and Response (EDR):
o Investigate incidents using EDR solutions like Microsoft Defender, CrowdStrike, Carbon Black, and SentinelOne.
o Analyze endpoint telemetry and execute threat hunting processes.
4. Cloud Security:
o Conduct cloud security reviews for platforms such as AWS, Azure, and Google Cloud.
o Provide recommendations to strengthen cloud architecture and user authentication processes.
5. Server Hardening & CIS Benchmarks:
o Implement server hardening techniques based on CIS benchmarks.
o Perform security assessments to address identified vulnerabilities.
6. Threat Intelligence & SOAR Integration:
o Leverage threat intelligence platforms to proactively identify and mitigate potential threats.
o Work on SOAR (Security Orchestration, Automation, and Response) platforms to automate incident handling processes.
7. Incident Handling & Communication:
o Lead incident handling efforts, coordinating with internal and external stakeholders.
o Provide clear, concise, and actionable communication to technical and non-technical audiences.
8. Linux & Log Analysis:
o Review and analyze Linux system logs to identify potential security issues.
o Investigate unauthorized access attempts and system anomalies.
9. Client Management:
o Collaborate with US-based clients, ensuring their cybersecurity needs are met.
o Deliver regular reports, updates, and recommendations to clients.
Educational Qualification:
Essential Qualification:
· 10+ years of hands-on experience in cybersecurity, incident response, and threat investigation.
· Expertise in open-source SIEM platforms like Wazuh, AlienVault, and their integration.
· Proficiency with EDR solutions such as Microsoft Defender, CrowdStrike, Carbon Black, and SentinelOne.
· Strong knowledge of cloud security best practices and architecture reviews.
· Experience in server hardening following CIS benchmarks.
· Familiarity with SOAR platforms and threat intelligence tools.
· Solid understanding of Linux systems and log review methodologies.
· Excellent communication skills for client interactions and technical reporting.
· Proven ability to work with international clients, especially in the US.
Preferred Certifications:
· Certified Information Systems Security Professional (CISSP)
· Certified Incident Handler (GCIH)
· Certified Ethical Hacker (CEH)
· Microsoft Certified: Azure Security Engineer Associate
· AWS Certified Security – Specialty
Posted On:
15/05/2025
Last Date:
Experience:
10+
Preferred Gender:
Male or Female
Location:
Gurugram
Min Salary:
Max Salary:
Min Age:
Max Age: