Systems Engineer - Cyber Security Vulnerability Analyst

  • Bengaluru (Bangalore Urban)
  • Infra / Networks / Telecom

Job description

Position Description
Responsible for the L1 administration of all complex server farms. Provide a medium level of technical advice on server administration and management.

Your future duties and responsibilities
The Vulnerability Analyst is responsible for the following activities related to the vulnerability management process for multiple customers, exercising proven operating system and infrastructure experience in the enterprise space and applying processes, procedures, standards, guidelines and best practices.

Vulnerability Analysis Creation

• Produce vulnerability reports providing a highly timely, accurate, and actionable assessment of new vulnerabilities as they are discovered.

• Collect vulnerability data from a wide variety of sources of threat information (including vendor, third-party, community and government).

• Triage collected vulnerability data in order to identify vulnerabilities of primary concern.

• Generate contextualized vulnerability assessments utilizing a variety of systems, including the Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE), and Common Platform Enumeration (CPE).

• Leverage industry scoring frameworks to conduct analysis, such as the Common Vulnerability Scoring System (CVSS) and the Common Weakness Scoring System (CWSS).

• Ensure vulnerability analysis data is integrated into the overall central knowledge base.

Vulnerability Correlation and Categorization

• Correlate gathered vulnerability analysis with existing CGI data in order to provide contextualized reporting.

• Enrich vulnerability analysis with scoring, contextualization, and internal knowledge.

Threat Detection and Mitigation Recommendations

• Produce reports with details on vulnerabilities, including impact assessments for CGI, affected products, recommendations for identification and remediation when possible, and methods of mitigating or detecting active exploitation.

Threat Intelligence Integration

• Integrate vulnerability information to existing tools such as SIEMs or any other relevant security controls.

• Assist in developing use cases or signatures in order to identify active exploitation attempts.

• Contribute to the integration of actionable vulnerability information into the patching lifecycle.

Threat Intelligence Sharing and Reporting

• Provide actionable vulnerability analysis to stakeholders with detailed reports, briefings and data feeds

Other Responsibilities:

• Participate in innovation projects including the building, deployment and evaluation of new technologies

• Participate in the definition of advanced threat process and best practices

• Provide advanced threat awareness and education to members of the team

Required qualifications to be successful in this role
Primary Skill: Cyber Security, SOC, SIEM
Secondary Skill: Vulnerability Analysis

• The candidate should be able to demonstrate a thorough understanding of Cyber security. Specifically, the candidate must possess an in-depth knowledge of modern threats and vulnerabilities, attack methodologies, threat actors, intelligence methodologies and tools.

• This position will require that the successful candidate be able to communicate, in both verbal and written forms, technical information to operations personnel.

• Strong understanding of vulnerability analysis (CVE, CVSS, CWE, CPE)

• Strong understanding of intelligence production cycle, methodologies and tools

• Strong knowledge of current threats, vulnerabilities and threat actors

• Strong understanding of the roles and functions of a Cyber Security Operations Centre (SOC) and Managed Security Services Provider (MSSP)

• Possess a high level of English-language writing capabilities

• Ability to deliver high quality reporting on complex issues identified in a very dynamic environment

• Experience as an analyst within the Intelligence Community conducting deliverable intelligence research reports/products

• Excellent customer facing skills in both verbal and written communications

• Understanding of networking fundamentals (all OSI layers, protocols, etc.)

• Understanding of Windows/Linux/Unix operating systems.

• Understanding of Incident Response methodologies and tools.

• Understanding of operating system and software vulnerabilities and exploitation techniques.

• SIEM experience (e.g. ArcSight, Splunk, LogPoint)

• Host analysis experience with Forensics/EDR tools (EnCase, FireEye, Carbon Black, RSA ECAT, CrowdStrike, Endgame)

• Network analysis experience with Network sensors (FireEye, Cisco, Fortinet, TrendMicro)

• Malware Analysis (Static Analysis or Dynamic Analysis of captured file, Reverse Engineering)

• Experience of utilising threat intelligence sources

• Penetration testing experience

• Ability to deliver high quality reporting on technical issues identified and providing remediation guidelines.

• Scripting languages: Python, Bash, PowerShell

• User investigations, Behavioural Analysis technology and/or processes

Desirables
• Knowledge of intelligence platforms and how different tools enable the intelligence cycle
• Suitable to obtain TOP SECRET clearance
• Degree in IT Security, Engineering or Technology related fields a major plus.
• Knowledge of malware packing, obfuscation, persistence, exfiltration techniques.
• Experience using other big data analysis platforms and the development of advanced queries used to interrogate big data sources.

Certification Required: Optional

Build your career with us.

It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change—supporting our clients’ digital journeys and offering our professionals exciting career opportunities.

At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.

Be part of building one of the largest independent technology and business services firms in the world.

Learn more about CGI at www.cgi.com.

No unsolicited agency referrals please.

CGI is an equal opportunity employer.

Skills

·  Command and control system

Reference

654460
