Cyber Security Intern

Job Summary

We are seeking a proactive and detail-oriented Cyber Security Analyst with 1+ year of experience in Information Security (Infosec) to join our security team in Bangalore. The ideal candidate will be a first-line defender, responsible for the initial monitoring, triage, and response to security incidents, ensuring the protection of our digital assets and infrastructure from evolving cyber threats.

Key Responsibilities

1. Security Monitoring and Incident Triage

24x7 Monitoring: Actively monitor security alerts and logs from various security tools, including SIEM (Security Information and Event Management) systems (e.g., Splunk, QRadar, ArcSight, Microsoft Sentinel).

Alert Analysis: Perform initial triage and analysis of security events to distinguish between false positives and genuine security incidents.

Incident Identification: Detect, analyze, and assess alarms for potential threats, intrusion attempts, malware, and other unauthorized activities.

Initial Containment: Execute initial containment and mitigation steps for confirmed incidents following established procedures.

1. Incident Response and Reporting

Escalation: Escalate critical security incidents to higher-level (L2/L3) analysts or incident response teams with all relevant information.

Documentation: Maintain detailed and accurate incident reports, logs, and documentation for all security events and incidents, including actions taken and lessons learned.

Threat Research: Stay informed about emerging cyber threats, vulnerabilities, and security technologies to improve detection capabilities.

1. Vulnerability and Risk Management Support

Vulnerability Tracking: Assist in monitoring and tracking identified vulnerabilities in systems and applications, supporting the prioritization of remediation efforts.

Access Management: Support processes related to Identity and Access Management (IAM), including provisioning/de-provisioning of user access on various platforms (e.g., Active Directory, applications).

Security Controls: Verify and report on the operational status and effectiveness of security controls (e.g., firewalls, EDR, IDS/IPS).

1. Compliance and Awareness

Policy Adherence: Follow defined information security policies, procedures, and standards (e.g., ISO 27001, NIST CSF).

Security Training: Support the creation and delivery of cyber security awareness training for colleagues.

Process Improvement: Contribute to the review and improvement of security monitoring and incident response processes.

Qualifications and Skills

Essential

Experience: Minimum 1 year of hands-on experience in a Cyber Security or Information Security role, preferably within a Security Operations Center (SOC) environment.

Technical Skills:

Strong understanding of Information Security concepts, principles, attack methods, and threat vectors.

Hands-on experience with at least one SIEM platform for log analysis and alert monitoring.

Familiarity with network security concepts (TCP/IP, firewalls, IDS/IPS) and operating systems (Windows/Linux).

Soft Skills:

Excellent written and verbal communication skills.

Strong analytical, problem-solving, and critical thinking abilities.

Ability to work effectively under pressure and in a fast-paced environment.

Detail-oriented with a proactive approach to security issues.

Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Desirable (Good to Have)

Certifications: Relevant industry certifications such as CompTIA Security+, Cisco Certified CyberOps Associate, or EC-Council Certified SOC Analyst (CSA).

Tools Exposure: Experience with EDR (Endpoint Detection and Response) tools, DLP (Data Loss Prevention), or vulnerability scanners (e.g., Nessus).

Scripting: Basic knowledge of scripting languages like Python or PowerShell for automation or analysis tasks.

• Frameworks: Familiarity with cybersecurity frameworks like MITRE ATT&CK or NIST.