Security Analyst, InfoSec

We are looking to recruit a Security Analyst to join our high-performance team in Mumbai. Candidate will be responsible for monitoring security events and alerts for potential malicious behaviors and evaluating the type and severity of security events by making use of packet analyses, and an in-depth understanding of exploits and vulnerabilities and providing incident response and escalation to the incident response team. This is a 24*7 role with fully work from office option only.

Below listed are the responsibilities and role needs:

Responsibilities: 

• Use SIEM technologies and other native tools to perform the monitoring of security events on a 24x7 basis.

• Manage inbound requests via the ticketing system, as well as via telephone calls, and provide security notifications via three methods: logging incident tickets, sending emails, and placing telephone calls.

• Perform analysis on logs produced by network devices utilized within the infrastructure such as firewalls, content filtering, syslog from various sources/devices, assorted Intrusion Detection capabilities, substantiating vulnerability scanner results, directory services, DHCP logs, Secure Email Gateway logs, and approved applications.

• Use the SIEM to monitor security events and perform analysis, while integrating the results and information needed to proactively protect the enterprise.

• Provide security events analysis and support to include identifying potential threat, anomalies, and infections, documenting findings, providing recommendations within the incident management system, performing triage of incoming security events, performing preliminary and secondary analysis of those events, and validating the events.

• Provide cybersecurity root-cause analysis in support of any tickets for which it fails to meet the Acceptable Quality Levels. This root-cause analysis will include documenting recommendations for corrective action.

Requirements:

• Bachelor's degree or equivalent in Computer Science, Systems Engineering, Cybersecurity, Information Technology, or related area.

• Minimum 4 years of monitoring experience in Cyber Security Operations Center.

• Excellent technical experience and expertise in troubleshooting Microsoft products and Operating system (desirable – knowledge of MAC OS & Linux).

• Understanding of basic network services, TCP/IP, IP Routing, attacks, exploits and vulnerabilities.

• Experience with VPN, SSL, other encryption methodology / technology a plus.

• Working knowledge of policies, procedures, and protocols of Security Operations Center.

• Experience using numerous security tools and technologies to include some of the following technologies: SIEM, IDS/IPS, Web application firewalls, Antivirus, Proxy and Url filtering, DLP, Vulnerability scanner.

• Ability to manage confidential, sensitive information

Desired Certifications:

• CompTIA Security+

• Certified Ethical Hacker (CEH)

• GIAC Certified Incident Handler (GCIH) 

• Certified SOC Analyst (CSA)

• Microsoft Certified: Security Operations Analyst Associate 

About Kroll

In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business. We value the diverse backgrounds and perspectives that enable us to think globally. As part of One team, One Kroll, you'll contribute to a supportive and collaborative work environment that empowers you to excel.

Kroll is the premier global valuation and corporate finance advisor with expertise in complex valuation, disputes and investigations, M&A, restructuring, and compliance and regulatory consulting. Our professionals balance analytical skills, deep market insight and independence to help our clients make sound decisions. As an organization, we think globally—and encourage our people to do the same.

Kroll is committed to equal opportunity and diversity, and recruits people based on merit.

In order to be considered for a position, you must formally apply via

#LI-AT1

#LI-Hybrid