Title: Security Operations Analyst
Experience: 5+ years in Security Operations and VA/PT
As a security company, Sophos takes its own security very seriously and has an internal IT Security team which focuses on protecting Sophos's own systems and infrastructure.
This role is for an experienced security expert to join our Cybersecurity Blue team.
This is a great opportunity to help secure a world-leading security company. As you'd expect, you'll be joining an organisation that takes security seriously. You will get the opportunity to work with some world-leading experts from across the company in a fast-paced and exciting environment where security is a priority. As an added bonus, through our dogfooding programme, you can also contribute to improving our products.
We'll need you to help us keep both our on-premise and cloud infrastructure secure. This will involve working with leading commercial and open source tools as well as establishing and maintaining strong links to industry experts such as Amazon's AWS Security Architects and world-class specialist consultants.
You'll need to be highly motivated, have an innovative mindset and be able to clearly articulate complex technical security issues to senior management.
Duties and Responsibilities:
As part of this role you will need to:
o The continual improvement of our threat hunting capabilities and tooling.
o The efforts to research threats and attack vectors that impact Sophos's applications and infrastructure.
o The efforts to assess new and existing applications and system deployments for vulnerabilities and design flaws, and be able to provide recommendations on mitigations.
o The projects involving application analysis, testing and vulnerability hunting.
o The projects to evaluate new products and technologies such as RASP.
o The efforts to define methodologies, frameworks, architecture, processes and procedures for securing application infrastructure.
o Training efforts for development teams in secure coding.
o The tasks to automate existing processes.
o Our vulnerability assessment and remediation program.
o Incident response, and supporting the Incident Manager during an incident.
o The development of security policy, standards, procedures and documentation.
o Investigation and root cause analysis of security events and incidents escalated from our security operations centre.
Be able to perform static code analysis.
Experience with commercial and/or open source security assessment tools such as Burp Suite, Acunetix and Nikto.
Ability to innovate in actively hunting for threats, e.g. scripting using Python and PowerShell.
Hands-on experience of implementing and managing intrusion detection systems (IDS/IPS), firewalls, VPNs, and other security products such as anti-malware, anti-spam, content filtering, DLP etc. Proficient with the Splunk SIEM.
Experience with IDS/IPS and firewall alert analysis, monitoring and auditing.
Experience in performing log analysis with tools like Procmon and DFIR.
Exposure to forensics and security incident investigations.
Troubleshooting calls and problems, resolving L2 to L3 level calls.
Ability to solely perform and manage the vulnerability management lifecycle.
This position requires shift work in a 24/7/365 environment; therefore, after-hours work may be required.
Works closely with the Security Operations Centre, Development team, SophosLabs experts, Product Security Engineers and IT.
Reports to the SOC Manager.
Excellent communication skills
Creativity and out-of-the-box thinking
Go-getter and self-motivated
Excellent requirement-understanding skills
Good documentation skills
Cyberoam is an award-winning global IT security company, globally acclaimed and certified... for its innovative products and technology. With an extensive product portfolio consisting of hardware and virtual offerings for network security, centralized security management and centralized network visibility, Cyberoam offers future-ready security to enterprises, SMBs and SOHO.