OVERALL REQUIREMENTS:
- U.S. Citizen (not dual)
- Submit/Pass a 10-year Dept. of Defense background check, criminal history, drug screening, and fingerprints
- Valid driver’s license/Real-ID with clean driver’s history
- Applicant must have a strong work ethic, be extremely organized and detail-oriented, be a self-starter with excellent time-management, problem solving, and multitasking skills
- Applicant must have excellent front-facing / face-to-face customer service skills
- Minimum 1 year of customer service experience (call center, retail, or other customer facing role)
- Problem-solving skills: actively listening to customers, educating them, and carrying issues through to resolution against a set of delivery expectations
- Excellent communication skills (in English), both verbal and written, to articulate details in a professional manner
- Position may require ability to sit, stand, walk extended distances, bend, stoop, squat and lift up to 35 lbs. from the floor to desktop for extended periods of time
- Advanced working knowledge of all MS Office Suite applications (Word, Excel, MS Project, etc.)
- Experience with a ticketing system like ServiceNow a plus
JOB SPECIFIC REQUIREMENTS AND SKILLS:
- 3+ years of experience working in a Security Operations role in a medium to large enterprise network environment
- IAT Level-1 Technical Certification required within 90 days of hire – CISSP preferred
- Technical bachelor’s degree preferred but not required
- Active Secret-level security clearance (ability to obtain)
- Demonstrated experience in responding to, managing and resolving security incidents
- Experience with LAN/WAN networking concepts, IP addressing and routing concepts, Windows / Linux / Unix operating systems, Information Security concepts and best practices
- Experience with Windows/Linux/Unix server administration is a plus
- Experience working with a Security Information and Event Management (SIEM) system is a plus
- Experience working with the following tools is desired: Splunk, DarkTrace, Retina, CarbonBlack
- Security and vendor certifications are a plus
RESPONSIBILITIES & DUTIES:
A. SOC Call Center
The SOC will be responsible for collecting and processing tips, incident reports and requests for Computer Network Defense (CND) services received via phone, email and ServiceNow tickets.
B. Real-Time Monitoring and Triage
The SOC will be responsible for the triage and rapid analysis of real-time security incident alerts from the SIEM system, to assess potential intrusions. This service will be performed by the SOC’s Tier 1 analysts. After a specified time, suspected incidents will be escalated to a Tier 2 analyst for further analysis.
C. Incident Analysis
Tier 2 SOC staff will perform in-depth analysis of potential intrusions escalated by Tier 1 SOC staff. This capability will usually involve analysis leveraging various data artifacts to determine the circumstances and extent of an intrusion, how to mitigate damage, and how to recover.
D. Cyber Intelligence Fusion
The SOC will extract data from cyber intelligence updates and reports provided by senior ISD staff to synthesize new signatures for IDS systems as well as SIEM correlations and alerts. Cyber intelligence will be composed of technical data extracted from adversary tactics, techniques and procedures (TTPs).
F. Countermeasure Implementation and Coordination
The SOC will directly implement or coordinate response actions to an incident to deter, block, or cut off adversary presence or damage. Possible countermeasures include logical or physical isolation of involved systems, firewall and proxy blocks, DNS black holes, IP blocks, patch deployment and account deactivation.
G. Sensor Tuning and Maintenance
The SOC will be involved in the tuning and maintenance of sensor and other SOC infrastructure platforms it operates, such as IDS/IPS. Its responsibilities will include updating IDS/IPS with new signatures, tuning their signature sets to keep event volume at acceptable levels, minimizing false positives and maintaining up/down health status of sensors and data feeds.
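The signature-tuning duty above is easier to picture with the first step an analyst actually performs: measuring which signatures produce most of the alert volume and whether that volume comes from one host or many. The script below is an added example and is not part of the posting or of any vendor's IDS tooling; the pipe-delimited alert format, the signature ids, the hosts and the 40% volume threshold are all constructed for illustration.

```python
"""Added example: IDS signature-noise review for a tuning pass.

Reads a batch of alerts, aggregates them per signature, and flags signatures
that dominate the volume as tuning candidates.  The alert format is a
constructed, simplified pipe-delimited line and is not any product's native
format:
    <ISO timestamp>|<signature id>|<signature name>|<src ip>|<dst ip>
"""
from collections import Counter, defaultdict
from dataclasses import dataclass
from datetime import datetime

# Constructed sample alerts for a short window (no real hosts or signatures).
# The last line is deliberately malformed to show that bad input is counted
# and skipped rather than crashing the review.
SAMPLE_ALERTS = """\
2024-01-01T10:00:01|1000001|TEST Suspicious outbound DNS|10.0.0.5|10.0.0.53
2024-01-01T10:00:02|1000002|TEST Policy: ICMP ping|10.0.0.7|10.0.0.1
2024-01-01T10:00:05|1000002|TEST Policy: ICMP ping|10.0.0.7|10.0.0.2
2024-01-01T10:00:09|1000002|TEST Policy: ICMP ping|10.0.0.7|10.0.0.3
2024-01-01T10:00:12|1000001|TEST Suspicious outbound DNS|10.0.0.9|10.0.0.53
2024-01-01T10:00:15|1000002|TEST Policy: ICMP ping|10.0.0.7|10.0.0.4
2024-01-01T10:00:20|1000003|TEST Possible SMB lateral movement|10.0.0.9|10.0.0.20
2024-01-01T10:00:25|1000002|TEST Policy: ICMP ping|10.0.0.7|10.0.0.5
2024-01-01T10:00:30|1000002|TEST Policy: ICMP ping|10.0.0.7|10.0.0.6
2024-01-01T10:00:33|1000001|TEST Suspicious outbound DNS|10.0.0.5|10.0.0.53
this line is malformed and should be skipped
"""


@dataclass
class Alert:
    ts: datetime
    sid: str
    name: str
    src: str
    dst: str


@dataclass
class SignatureStats:
    sid: str
    name: str
    count: int
    share: float           # fraction of all successfully parsed alerts
    distinct_sources: int  # how many different source hosts fired it


def parse_alert(line: str):
    """Parse one constructed alert line; return None if it is malformed."""
    parts = line.strip().split("|")
    if len(parts) != 5:
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    return Alert(ts, parts[1], parts[2], parts[3], parts[4])


def summarize(text: str):
    """Aggregate alerts per signature. Returns (stats_by_sid, malformed_count)."""
    counts = Counter()
    names = {}
    sources = defaultdict(set)
    malformed = 0
    for line in text.splitlines():
        if not line.strip():
            continue
        alert = parse_alert(line)
        if alert is None:
            malformed += 1
            continue
        counts[alert.sid] += 1
        names[alert.sid] = alert.name
        sources[alert.sid].add(alert.src)
    total = sum(counts.values())
    stats = {
        sid: SignatureStats(sid, names[sid], n, n / total if total else 0.0,
                            len(sources[sid]))
        for sid, n in counts.items()
    }
    return stats, malformed


def noisy_signatures(stats, share_threshold=0.4):
    """Signatures whose share of total volume exceeds the threshold, loudest first."""
    noisy = [s for s in stats.values() if s.share > share_threshold]
    return sorted(noisy, key=lambda s: s.count, reverse=True)


def tuning_hint(stat: SignatureStats) -> str:
    """Heuristic note for the analyst: one source suggests a per-host
    suppression after the host is verified (e.g. a monitoring server);
    many sources suggest the signature itself is too broad."""
    if stat.distinct_sources == 1:
        return "single source: consider a per-host suppression after verifying the host"
    return "many sources: consider tightening or retiring the signature"


if __name__ == "__main__":
    stats, malformed = summarize(SAMPLE_ALERTS)
    parsed = sum(s.count for s in stats.values())
    print(f"parsed {parsed} alerts, skipped {malformed} malformed line(s)")
    for s in noisy_signatures(stats):
        print(f"{s.sid} {s.name}: {s.count} alerts ({s.share:.0%}), "
              f"{s.distinct_sources} source(s) -> {tuning_hint(s)}")
```

On the constructed sample the ping policy signature accounts for 60% of the volume from a single host, so it is reported as a suppression candidate, while the DNS and SMB signatures stay below the threshold and are left alone; the malformed line is counted and skipped. In a real tuning pass the threshold would be set from the sensor's baseline volume rather than a fixed 40%.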
H. Vulnerability Scanning
The SOC will provide a vulnerability scanning and reporting service for hosts on AeroNet that will include both ad hoc and scheduled scans. These scans will use COTS tools such as Retina.