What success looks like in this role:
Ø Responsible for detecting, identifying, and troubleshooting security events from ServiceNow & Security Tools.
Ø Responsible for performing initial triage on emails reported as Phishing and blocked attachments.
Ø Monitoring threat/vulnerability landscape and security advisories
Ø Operational functions are detection, classification, and incident escalation, to the next level Analyst.
Ø Investigate, document, and report on any security threat issues as well as emerging trends!
Ø Coordinate the containment and eradication of malicious activities with internal and external parties.
Ø Notify appropriate business stakeholders about serious security events.
Ø Working with Sr. Analyst SOC Operations for monitoring, analyzing logs from various Security/ Industrial appliances using Industry Standard tools.
Ø Log monitoring and Incident analysis for various devices such as Firewalls, IDS, IPS, Windows Servers and Web servers etc.
Ø Potential to bring any possible security threats or violation of Security Policy to the notice of the Information Security Manager.
Ø Actively investigating the latest Security, Vulnerabilities, Advisories, Incidents and notifies clients.
Ø Understanding of security threats, attack scenarios, analysis, and intrusion detection skills
Ø Assist Audit team in validating SOX compliance, this will be daily activity.
Ø Prioritize security incident through environment awareness and Global Intelligence. Classify incidents by policy and regulatory scope, configuration status management including active services and patch levels.
Ø Sending Security Alert messages on newly found vulnerability to the concerned Security team and respective customers without fail.
Ø Escalation and coordination with the other domains for unresolved incidents.
Ø Responsible for performing monitoring of security events in 24/7 rotational shifts.
Ø Should be willing to work in 24/7 rotational shifts which includes night shift.
You will be successful in this role if you have:
A bachelor’s degree in computer science, engineering, or technology-related field, or equivalent.
Ø Minimum 3-5 years of experience in security domain with exposure to tools such as Crowdstrike, Qualys, Mimecast, MS Defender.
Ø Good understanding of network and security fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS / TLS, and SMTP
Ø Highly Energetic and Quick Learner
Ø Analytical skills, out-of-box thinking.
Ø Good communication skills with positive attitude.
Ø Willingness to learn new technology.
Ø Knowledge and experience on Python and PowerShell scripting skills are added advantage.
Ø Certifications on any Security Tools (Crowdstrike, Qualys, Mimecast, MS Defender) is an advantage.
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.
This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4). US job seekers can find more information about Unisys’ EEO commitment here.
اطلب مساعدة الخبراء لكتابة سيرة ذاتية مميزة.