Senior Threat Analyst - - Sophos - 5 to 10
- Sophos
- 5 - 10 years
- Remote
- 5 months ago
- Email to a friend
- Report this job
Job Description
- As an MDR Threat Analyst, you will work with enterprise systems, log analysis systems, and endpoint collection systems to facilitate the investigation, identification and neutralization of cyber threats
- You will work alongside and contribute to a team of analysts with the objective of providing best in class monitoring, detection and response services
What you will do
- Handle escalations from level I Threat Analysts - guide / advise on investigation handling
- On-board and train new Threat Analysts
- Participate in Security Operations process improvement and creation
- Provide detection and response to security events and cyber-threats
- Conduct security log management and monitoring
- Maintain information security metrics
- Provide assistance to core security and threat response teams
- Create MDR service-related reports
- Create cases for clients
- Track and follow up with client through threat neutralization
- Interact with clients via various mediums
- Actively research recent Indicators or Compromise/Attack, exploits and vulnerabilities
- Obtain metrics for reporting on threat trends, intelligence analysis and situational awareness
What you will bring
- 5+ years of experience working in a SOC environment or computer security team in an IT environment
- Endpoint and network security experience required; IDS, IPS, EDR, ATP, Malware defenses and monitoring experience
- Threat hunting experience preferred
- Knowledge of common adversary tactics and techniques, eg, obfuscation, persistence, defense evasion, etc
- Knowledge of Mitre ATT&CK framework preferred
- Working knowledge of incident response procedures
- Experience with SQL query construction preferred
- Experience with OSQuery is a plus
- Experience administering and supporting Windows OS (both workstations and server) and one of the following: Apple or Linux-based operating systems (eg XP, Windows 7, 2003, 2008, OS X)
- Fundamental understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc
- Strong understanding of Windows event log analysis
- Experience with enterprise information security data management - SIEM experience a plus
- Programming and scripting skills - proficient knowledge of Powershell is a plus
- Excellent troubleshooting and analytical thinking skills
- Strong documentation and communication skills
- Advanced Cyber Security certifications preferred but not required
- Excellent customer service skills
- Passion for all things information technology and information security
- Natural curiosity and ability to learn new skills quickly
- Ability to think outside the box
- Innovative mindset
- Bachelors in Information Technology, Computer Science or a related field; or relevant commensurate work experience
- Willingness to work outside of standard business hours including weekends and holidays - our Managed Detection and Response is a 24X7X365 service
- Must be able to thrive within a team environment as well as on an individual basis
Job Classification
Industry: IT Services & ConsultingFunctional Area: IT Services & Consulting
Role Category: IT Security
Role: Security Engineer / Analyst
Employement Type: Full time
Contact Details:
Company: SophosLocation(s): Remote
+ View Contact
Keyskills: Linux Information security SOC Network security Windows Troubleshooting Information technology Monitoring SQL Recruitment
Fraud Alert to job seekers!
₹ 5-10 Lacs P.A
Similar positions
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in
