Full-Time Threat and Incident Response Analyst

Job Description: We seek a highly motivated and skilled Threat and Incident Response Analyst to join our information security team. The ideal candidate will be a career-driven and passionate security professional who would like to work with the latest tools and methodologies to investigate and respond to attacks against our organization and its assets.

Responsibilities:

• Identify and analyze cybersecurity threats impacting the organization's environment.
• Responsible for proactively discovering new attacks through the use of advanced security monitoring techniques and tools.
• Investigate and respond to identified security incidents using a defined incident response process
• Create playbooks and processes to respond to incidents.
• Collaborate with the engineering team to automate response to security incidents
• Identify emerging threats and ensure the detection and response capabilities of the organization are updated for the latest threat landscape.
• Perform threat modeling across the technologies and applications across the organization and ensure that all identified threats have required security controls in place.
• Identify data sources and security monitoring use cases relevant to the organization's threat defense requirements and onboard them to the SIEM platform.
• Operate and Administer SIEM platform
• Utilize security tools like SIEM, EDR, WAF, IDS, Netflow to investigate and respond to threats
• Responsible for assessing, curating, and managing Threat intelligence feeds to enable the correlation of security events.
• Participates in an on-call rotation for 24x7 support of security operations.

Qualifications:

• 5-7 years of work experience in the information security industry focused on security/threat analysis and prevention and detection technologies
• Strong analytical skills and self-motivated to learn and adapt to new technologies and methodologies.
• In-depth knowledge of technologies like Unix/Linux, Windows, AD, Databases, Cloud, DevOps
• Experience with endpoint and network security technologies like IDS, IPS, EDR, ATP, Malware defenses
• Experience with SIEM and Log management technologies
• In-depth understanding of Cyber Threat TTP's, Threat Hunt methodologies, and the application of the Mitre Attack framework
• Experience with scripting languages
• Well versed with threat modeling methodologies like STRIDE, PASTA
• Ability to communicate and collaborate effectively with technical and non-technical team members in different geographies and a fast-paced work environment.

What is the last date for applying to the job?

Which countries are accepted for this remote job?