Security Analyst

What We Do

Managing cyber risk, together – Today the modern enterprise is an Enterprise of Things. We are on a mission to secure the Enterprise of Things with active defense by identifying, segmenting, and enforcing compliance of every connected thing in a real-time and at scale. Our unified security platform enables enterprises and government agencies to focus on Zero Trust segmentation, IT/OT convergence, and OT/ICS innovation, all supporting our mission and vision.

Join us as we secure the world with our products. We are looking for resourceful individuals to collaborate as one team while ensuring a world-class customer experience. We are cyber-obsessed about addressing the world's most challenging security problems. Innovation starts here, everyone's ideas are valued, visionaries welcomed

What You Will Do

• Detection, monitoring, analysis, resolution of security incidents; participate in providing containment and recommendations.
• Coordinate escalations to external client support teams to ensure timely delivery of incident resolutions.
• Perform network/system/application/log intrusion detection analysis and trending.
• Contribute in tuning of the SIEM filters and correlation rules to continuously improve detection
• Participate in the security incident handling efforts in response to a detected incident, and coordinate with other stakeholders and clients.
• Ensure that Service Level Agreements are met.
• Maintain standard operating procedures, processes and guidelines.
• Contribute to automate analysis and investigative functions / tasks , administration and remediation procedures, workflows and other operational tasks.
• Maintain awareness of trends in security regulatory, technology, and operational requirements
• Shift rotation will be required for this role.
• The Security Analyst is responsible for the security analysis, incident classification, investigation and incident response actions including notification and alerting.
• Through the correlation rules and use-cases in the monitoring platform, you will Monitor customer environments for possible security incidents, using knowledge of attack types and standard protocol behaviour to classify incidents, comment, and provide advice on mitigation or remedial actions.
• Identification of incidents and subsequent analysis and investigation to determine their severity and the response required.
• Ensure that incidents are correctly reported and documented.
• Be prepared to provide a Technical Escalation Point during security incidents, establishing the extent of an attack, the business impacts, and advising on how best to contain the incident along with advice on systems hardening and mitigation measures to prevent a reoccurrence.
• Maintain a keen understanding of evolving threats and vulnerabilities to ensure the security of the client network.
• As required update Protective Monitoring/SOC documentation, processes and procedures.
• Support, troubleshoot, configure, manage, and upgrade FW, NIDPS, UTM, VPN, WAF and a wide variety of other security products

• Graduate with a degree from a recognized university with specialization in Computer Sciences or any other discipline, combined with 2-8 years of directly related practical experience and demonstrated ability to carry out the functions of the job.
• Strong experience of any SIEM platform (ELK, Splunk, QRadar, ArcSight, LogRhythm, RSA, etc.)
• Thirst for knowledge, inquisitive nature, keen interest in actively participating in SOC expansion.
• Experience working in an IT Security Operations Center, using SANS methodology.
• Experience and extensive knowledge of Security Information Event Management.
• Strong network security knowledge including firewalls, IPS/IDS, WAF, NAC platforms from different vendors.
• Working knowledge or hands-on experience in endpoint security detection & response technologies and platforms (AV, EDR, MDR, XDR, families).
• Experience in Intrusion Detection or Prevention Systems.
• Strong Knowledge of: TCP/IP, computer networking, routing and switching.
• Experience in Linux and Windows based devices at the System Administrator level.
• System log forensics (Syslog, Event Viewer).
• EC Council: C|HFI, ECAS or SANS: GIAC, GCFA, GCIH, GREM or other certifications are preferred.
• Strong troubleshooting, reasoning and problem solving skills.
• Ability and experience in writing clear and concise technical documentation.
• Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web.
• Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention.
• (DLP), Identity and Access Management (IAM) solutions.
• Knowledge of Forescout suite of security tools.
• Experience with Linux, Windows and Network Operating Systems required.
• Strong working knowledge of Routing and Access Control Devices required.

What Forescout Offers You

Our visionary leadership team fosters an environment that encourages professional growth and development. We champion a diverse and inclusive culture that cultivates collaboration and innovation, where our team can make a global impact on security while working with industry-leading technology. We take pride in offering a competitive total compensation package. If you have a strong work ethic, are visible and lean in, you will be recognised. We are in growth mode and there is a ton of opportunity at Forescout. Apply now to find out more

More About Forescout

The Forescout 4D Platform provides complete asset intelligence and control across IT, OT, IoT, and IoMT environments. For more than 20 years, Fortune 100 organizations, government agencies, and large enterprises have trusted Forescout as their foundation to manage cyber risk, ensure compliance, and mitigate threats. With seamless context sharing and workflow orchestration across more than 100 full-featured security and IT product integrations, Forescout makes every cybersecurity investment more effective. Learn more at

.

Our Mission

To continuously identify, protect, and ensure the compliance of all cyber assets across the modern organisation.

Our Vision

A world where every cyber asset is seen, secure and compliant.

Our Cultural Values

• Cyber Obsessed – We are curious about technology, and we are innovative and passionate about solving big programs.
• Customer Driven – We listen, we learn, and we make it right.
• Collaborative, without Ego – No one succeeds alone. We strive to be the humble person that people want to work with.
• Relentless – We're smart, determined, and find a way. We figure stuff out.
• One Team – We all work together, and we all win together.

Our DEI Statement

At Forescout, we are committed to fostering a diverse, equitable, and inclusive workplace. We believe that diversity of background, experiences, and perspectives leads to innovation, creativity, and better decision making. We strive to create an environment where all team members feel valued, respected, and empowered. We actively promote equal opportunities and fair treatment for all individuals, regardless of their race, religion, colour, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, disability, status as a protected veteran, or any other characteristic protected by law. By embracing Diversity, Equity and Inclusion, we aspire to build a successful culture where we work together and win together as One Team.

Thank you for taking the time to learn more about us.

If this opportunity intrigues you, we would love for you to apply

NOTE TO EMPLOYMENT AGENCIES:

We

value the partnerships we have built with our preferred vendors. Forescout does not accept unsolicited resumes from employment agencies.

All resumes submitted by employment agencies directly to any Forescout employee or hiring manager in any form without a signed Employment Placement Agreement on file and search engagement for that position will be deemed unsolicited in nature.

No fee will be paid in the event the candidate is subsequently hired as a result of the referral or through other means.

#LI-VS1