- Bengaluru, Karnataka, India
- Travel Required: 0 - 9%
At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry.
In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has an impact on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.
The Threat Analyst will analyze data from best-of-breed cyber security threat and vulnerability instrumentation. The Senior Threat Analyst will work closely with our Threat Analysts and Architects to service customers. Associate Threat Analysts will aid the development of analysis methodologies and threat research.
- Identify and prioritize active threat activity in client environments based on analysis from security instrumentation.
- Identify and prioritize current vulnerabilities in client environments based on analysis from security instrumentation.
- Assist in the development of orchestration and automation logic to enable proactive mitigation of vulnerabilities and interdiction of threats.
- Take, direct, or recommend countermeasure actions to mitigate vulnerabilities and interdict threat activity.
- Maintain current knowledge of cyber threat actor tactics, techniques, and procedures (TTPs).
- Work with security architecture and engineering partners to develop and improve current and future analytic needs.
- Establish and maintain repeatable analytic processes and assist in their continuous improvement.
- Perform quality assurance functions to ensure client satisfaction.
- Participate in client service calls to assist in successful client outcomes.
- Provide technical expertise and recommendations to partners across the managed security services practice.
Experience and Skills (General):
- Three or more years of professional experience in the Information Security field or demonstration of technical excellence commensurate with this experience.
- Demonstrated experience contesting cyber threat actors and/or mitigating vulnerabilities exploited by threat actors.
- Excellent time management, reporting, and communication skills.
- Ability to generate comprehensive analytic reports and countermeasure recommendations.
- Ability to conduct professional client-facing communications.
- Understanding of modern cybersecurity instrumentation to include threat and vulnerability tools.
Experience and Skills (Technical):
- Network-based monitoring/analysis tools, including but not limited to IDS/IPS, content filtering, sandboxing, anomaly detection, and behavioral analysis tools.
- Host-based monitoring/analysis tools, including but not limited to forensic, anti-virus, endpoint detection and response (EDR), and threat hunting tools.
- Vulnerability monitoring/analysis via modern vulnerability discovery tools.
- Experience with SIEM platforms (ArcSight, QRadar, LogRhythm, McAfee/Nitro, Splunk).
- Understanding of current cybersecurity frameworks and maturity models, e.g. the NIST Cybersecurity Framework.
- Foundational understanding of network and application layer communications mechanisms.
- Understanding of identity, access management, and authentication mechanisms.
- Understanding of modern operating system technologies to include server and endpoint.
- Understanding of SaaS and IaaS cloud technology implementation, application, and use.
- High-level understanding of major industry and regulatory controls such as PCI-DSS and HIPAA and their relationship to information security.
- Ability to develop methodologies, training, and processes for use by other team members in managed services.
- Ability to work within and support a team environment.
- Shift flexibility, including the ability to provide on-call support when needed.
- Demonstrated experience and success in contesting cyber threat actors.
- Valid driver’s license.
- Ability to work greater than 40 hours per week as needed.
- Ability to travel up to ten percent of the time.
- Ability to act as a part-time on-call escalation point for security incidents.
- High school diploma or equivalent experience.
- Domain expertise in cloud technologies, incident response, malware analysis and/or reverse engineering.
- Security certifications (GCIA, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security+, OSCP or other security certifications).
All your information will be kept confidential according to EEO guidelines.