Cyber Security Center
Bengaluru (Bangalore Urban) Infra / Networks / Telecom
Job description
Tasks
Monitor information feeds and threat actor activity to identify activity levels and indicators for cyber threats and cyber attacks
Evaluate new feeds and incorporate new feeds / enrich existing threat intelligence information by adding contextual information
Develop threat analysis techniques, search and correlation criteria to identify actionable intelligence
Provide threat intelligence specific to business, function, technology, or event.
Continuously improve the efficiency and effectiveness of CSC Operations processes.
Qualifications
· Strong comprehension of advanced persistent threats, malware, emerging threats as well as experience in a large corporate environment.
· The Intelligence Analyst must be a self-starter with the ability to research and solve problems independently, but must also be able to collaborate in a dynamic team environment.
· Understanding of attacks, attack vectors, kill chain methodology, and
· Expertise in big data and complex queries across multiple platforms
· Strong understanding of malware analysis, threat taxonomy and threat indicators
· Ability to work with multiple security technologies and platforms, including SIEMs, IDS/IPS, firewalls, web application firewalls, proxies, etc.
· Knowledge of SNORT and Yara Rules
Mandatory Knowledge:
· SIEM (ArcSight / Qradar)
· Threat Feed Aggregation and analysis
· Knowledge of Perl / Python / Shell scripting, Unix, and SQL
Preferred
Big data / Hadoop / Mongo DB / Elastic Search