Job Description:
Threat intelligence is evidence-based information, including context, mechanisms, indicators of compromise, implications and actionable advice, about existing or emerging hazards to assets. Threat intelligence allows IT professionals to make decisions and take action accordingly. Positions in this function are involved in the body of technologies, processes, and practices designed to monitor cyber threats, defend networks, and detect identity theft or brand impersonation, including firewalls, digital forensics investigative services, and incident management.
Primary Responsibilities:
Proficiency in developing detection signatures such as YARA, OpenIOC and Snort, and understanding of Python, STIX and TAXII.
Functional understanding of Threat Intelligence lifecycle, MITRE ATT&CK Framework, NIST Framework, and Kill-Chain model.
Understanding of detailed analysis of network packet captures, DNS, proxy, NetFlow, malware, host-based security and application logs, as well as logs from various types of security sensors.
Strong experience in analyzing Deep & Dark Web and synthesizing actionable threat intelligence via open-source tools
Good hands-on cyber security research & development
Deep understanding of Attack Surface Monitoring
Threat & Vulnerability Management
Penetration Testing & Reverse Engineering
Analyze network traffic, IDS/IPS/DLP events, packet capture, and FW logs.
Strong knowledge of common tactics, techniques, and procedures (TTPs) used by cyber adversaries and attributing them to threat actor(s) or APT groups.
Proven research skills involving deep-dive OSINT research techniques in generating raw data & advisory reports.
Successful experience in any combination of Threat Intelligence or CSIRT or Security monitoring, typically.
A proven track record with writing detailed security threat reports
Vulnerability Assessment & Penetration Testing:
In-depth understanding of frameworks and standards such as CVE, NVD, CVSS, CREST, MITRE and OWASP
Conduct vulnerability assessments and penetration tests using various open-source and commercial tools such as Nessus, Nmap, Metasploit and the Kali Linux penetration testing tools
Good knowledge of server-side vulnerabilities (especially those that lead to, or can be chained into, RCE)
Good understanding of Mobile and/or web application reversing
Email, phone, or physical social-engineering assessments
Shell scripting or automation of simple tasks using Perl, Python, or Ruby
Developing, extending, or modifying exploits (ability to chain multiple vulnerabilities)
Web Services / Application Programming Interface (API) Penetration Testing
Network, Mobile Application Penetration Testing & Thick Client Penetration Testing
Enhancing and updating testing methodologies, processes and standards documentation
Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
Pre-Requisites:
Any Graduate in Computer Science, Information Technology, Information Security, or related field
Must be from a technical background (B.Tech/ BCA)
Excellent communication & presentation skills
Must have an ability to work independently
Should have technical acumen and a go-getter attitude
Certifications good to have: CEH, PNPT, OSCP, ePPTx, SANS, CTIA
Ability to multi-task
General professional writing proficiency