7+ Threat analysis Jobs in India

Company: A cyber security company, helping leaders continuously improve their security posture.

Team Size: 200 +

Responsibilities

• Analyze, plan, and develop requirements (and standards) for scheduled projects.
• Assign and oversee the daily tasks of technical personnel while ensuring the team is working toward established milestones.
• Hold regular team meetings to determine the progress and address any questions or challenges regarding projects.
• Determine and define clear deliverables, roles, and responsibilities for security engineers required for specific projects or initiatives.
• Research and evaluate different trends and technology in the cyber space and articulate the same to the team.
• Hands-on experience with vulnerability management tools and strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, database, and application servers.
• Strong written and verbal communication skills with the ability to collaborate through all parts of the business.
• High performance skillset which not only understands the threat spaces as it relates to risks, but also is able to meet the technical challenge of communicating this out to our teams/customers.
• Leadership skills which bring out the best in the team. This includes both direct leadership but also cross-functional capabilities.
• 5+ years in a vulnerability management program. Knowing not only how to assess vulnerabilities, but prioritize and drive remediation of the same.
• Ability to communicate at the executive leadership levels. Understanding how to translate technical gaps to business risk is critical for communication in this role.
• Reporting gaps in a meaningful way that addresses a business risk as well as providing technical solutions to the operations teams in remediation is key.
• Experience in interacting with auditors and regulators.
• Travel to client location (within India and abroad) as and when required.
• Conduct exit briefing and presentation to clients and relevant stakeholders.
• Work with pre-sales on technical proposals and RFP responses.
• Certification in Project Management or related technical field will be an added advantage.
• Experience in working in a high-level collaborative environment and promoting teamwork
• Ability to predict challenges and seek to proactively head-off obstacles.

Education : Bachelor’s degree in Computer Science, Information Systems, or equivalent education or work experience

Experience : 12 -16 years

Location : Chennai (Hybrid)

Compensation: Best in Industry

Why should we talk?

We are a bunch of passionate cybersecurity professionals who are building a culture of security. Today, cybersecurity is no more a luxury but a necessity with a global market value of $150 Billion. Our vision is to make cybersecurity available for all, not just the Fortune 500 companies.

We live by a people-first approach. We firmly believe that our employees should enjoy what they do. For our employees, we provide a hybrid work environment with a competitive best in industry pay, while providing them with an environment to learn, thrive, and grow. Our hybrid working environment allows employees to work from the comfort of their homes or the office if they choose to. For the right candidate, this will feel like your second home.

If you are passionate about cybersecurity just as we are, we would love to pick your brains.

1.Triage of security alerts that includes but not limited to malware, denial of service, unauthorized access, etc.

2. Conduct incident investigations on SIEM tools.

3. Perform threat hunting on networks to detect and isolate threats.

4. Knowledge of various security methodologies and processes, and technical security solutions (firewall, packet analysis, SIEM and intrusion detection systems)

5. Continuous optimization, tuning and monitoring of SIEM solution

6. Hands on experience around administrating and threat hunting on EDR, XDR, DLP and SIEM tools.

7. Ability to analyze endpoint, network, and application logs

8. Identify false positives, analyse reported spam, phishing, and suspicious emails and understanding of email security concepts: SPF, DMARC, DKIM

9. Immediate Joiners

• Assist the Manager with the planning, analysis, development of framework and deployment of CTVM program.
• Assist in continuous day-to-day operations of CTVMprogramincluding managing external CTVM service providers and scoping, scheduling, scanning, prioritizing and remediating IT vulnerabilities
• Assist in maintaining a current and comprehensive inventory of all IT hardware and software within the IT environment, including cloud.
• Assist in ensuring periodic static application security testing (SAST), dynamic application security testing (DAST) or any form of application security testing is conducted.
• Assist the Manager in maintaining current cyber threat model 
•  Assist in identifying dependencies and timelines required to address vulnerabilities, including system patching, deployment of specialized controls, code or infrastructure changes, and changes in build engineering processes
• Assist in the development of policies, procedures and standard operating models for the CTVM program.
• Assist in tracking key performance indicators (KPIs) and key risk indicators (KRIs).
• Assist in data collection and maintenance of technical and management cyber security dashboard.
• Assist in the preparation of periodic reporting to management on the outcomes of the CTVM program.
• Provide technical advisory services to our stakeholders to ensure an enterprise-wide resilient IT environment with regard to cyber security.

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5’s Edge 2.0 platform provides global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide necessary visibility and alerts to effectively defend the platform.

Responsibilities:

• Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
• You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
• You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
• You will work with other teams within security organization to define communication and alerting protocols for effective and timely actions
• You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
• Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members

Minimum qualifications:

• BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
• Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
• Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
• Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, how to setup and tune alerts based on thresholds and policies
• Hands on experience with computer programming languages and/or scripting languages such as Python, Java, Shell
• Good understanding of complexities and security challenges in large-scale distributed systems
• Working knowledge of Cloud orchestration systems such as Kubernetes, Openstack etc.
• Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
• Excellent written and verbal communication skills
• Strong interpersonal, team building, and mentoring skills

Job Description

Cyber Threat Intelligence & Threat Hunting - Subject Matter Expert (B3-2)

Responsibilities:

Perform threat research, create actionable threat advisories, and derive hunting queries based on the evolving threat vectors.

Understand APT groups, Conduct deep dive technical analysis of cyber-attack tools, tactics, and procedures. Create hypothesis and perform active threat hunting.

Minimum Requirements:

10+ years of overall experience, 7+ years of experience in cyber threat intelligence, malware analysis (Reverse engineering)

Hands-on experience with writing threat hunting hypothesis & active threat hunting

Experience with YARA rule and OpenIOC signature creation.

Experience with multi-tiered mission-critical systems.

Experience in opensource sandbox and honeypots.

Preferred Certification

GIAC Cyber Threat Intelligence (GCTI)

C| TIA (Certified Threat Intelligence Analyst)

CCTIA by the NICCS