Cyber Security

FULL-TIME

NOIDA

2 PLUS YEARS

**SOC Analyst**

Wildnet Technologies is a 15+ years old Award-winning IT Software Solution Engineering Company with its foundation laid in the year 2006. We are headquartered in India and have client presence in the United States, Canada, Australia, and the United Kingdom
**.**

This is a great opportunity for those who are looking for a fast-paced work environment with many opportunities for growth.

Position name: Incident Response and Security Analyst

Reports To: Sr. Vuln Manager

Location: Remote

Summary: Working with technical team (vulnerability team) this position main focus is to

implement and lead Incident Response for company's clients. Perform Pen Testing,

Vulnerability scanning and reporting, Incident Response and threat hunting. Collaborate with

all team members daily to ensure security of client and all of our clients are secured

against the latest vulnerabilities and threats. A jack of all trades type with a focus on Incident

Response.

Duties & Responsibilities
- Managing cybersecurity incidents, including identification, containment, eradication,

and remediation
- Developing processes and procedures for incident response to help standardize

Detection & Response activities
- Performing threat hunting activities using data collected from within the company

and client’s environment
- Specialize in network-centric analysis (NSM), host-centric analysis (live response,

digital forensics), malware analysis, and log-centric analysis (SIEM)
- Perform daily response operations on a schedule that may involve nontraditional

working hours
- Curate signatures, tune systems/tools, and develop scripts and correlation rules
- Analyze host and network forensic artifacts and identify patterns and behaviors related

to threat actors
- Lead technical aspects of incident detection and response

accompanying reports
- Perform Security Audits and assessments.
- Collaborating with third-party vendors if needed to help with Incident Response
- Keep pace of cybersecurity threats, threat actors, and their associated Tactics,

Techniques, and Procedures (TTPs)
- Recommending improvements to security standards, incident response and processes
- Curate signatures, tune systems/tools, and develop scripts and correlation rules

Skills & Requirements
- Have at least 3 to 5 years of experience in cybersecurity, with a focus on detection

and response to malicious activity using log data from systems, network devices, and

security tools
- Have experience in Analyze host and network forensic artifacts and identifying patterns

and behaviors related to threat actors
- Have experience with core enterprise infrastructure and security-supported

technologies including data protection elements such as DLP, tokenization, encryption,

endpoint security, and perimeter protection such as firewalls or WAF, SIEMs, IPS/IDS,

and managed security services
- Have scripting experience with Bash, PowerShell, or Python and the ability to use

these

skills to aid in responding to incidents involving Windows, Linux, and Mac hosts
- Have experience developing detection logic for enterprise SIEM systems and with

exploitation techniques and use case development
- Have experience writing procedural documentation (playbooks and runbooks) to serve

as job aids for other analysts
- Have experience with cybersecurity tools and software, E.g. Splunk, McAfee,

CrowdStrike, Windows Defender, SELinux, Syslog, Palo Alto, and Cisco
- Have experience serving as a team leader for Incident Response analysts, providing

ad hoc guidance and more formal training
- Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain
- Have strong oral and written communication skills Strong interpersonal and leadership

skills
- Detailed understanding of Networking (including the OSI Model, TCP/IP, DNS, HTTP,

SMTP)

Desired Certifications-Degrees
- Knowledge
- GIAC Incident Response (GCIH)
- Must Have OR
- ECIH- Certified incident handler - Must have
- CEH
- CASP
- OSCP
- PenTest+
- BS in IT or IT Security
- Vast knowledge in NIST 800-61 Computer Security Incident Handling
- Nessus
- Burpsuite
- MITRE attack framework