Job Search and Career Advice Platform

Enable job alerts via email!

Threat analyst

Codincity Digital Technologies

Chennai District

On-site

INR 7,00,000 - 12,00,000

Full time

Today
Be an early applicant

Generate a tailored resume in minutes

Land an interview and earn more. Learn more

Job summary

A prominent IT security firm is seeking an experienced cybersecurity professional located in Chennai District, Tamil Nadu, India. The role involves administering IT systems, analyzing security threats, and utilizing cloud security principles. Ideal candidates will have over three years of experience, strong SQL skills, and a familiarity with the MITRE ATT&CK framework. Responsibilities include monitoring security incidents, employing automation, and engaging in cross-functional collaboration to enhance organizational security posture.

Qualifications

  • 3+ years of experience in IT systems or network administration.
  • Solid understanding of SQL-like query languages for data analysis.
  • Proficiency in maintaining composure during high-pressure scenarios.
  • Knowledge of the MITRE ATT&CK framework for threat-hunting.
  • Hands-on experience with Windows and Unix/Linux operating systems.
  • Understanding of the OSI model and common network protocols.
  • Experience with SIEM platforms and custom detection rules.
  • Ability to monitor logs and threat feeds for potential threats.
  • Excellent communication skills for technical insights.
  • Solid understanding of scripting languages like Python or Bash.
  • Familiarity with IDS/IPS, EDR, CNAPP, and WAF tools.
  • Enthusiasm for security automation.
  • Understanding of cloud infrastructure security threats.
  • Knowledge of web-based attacks and mitigation.
  • Understanding of email-based threat investigation.
  • Analyze security incidents and utilize threat intelligence.
  • Manage security incidents through resolution.
  • Use SIEM tools for security monitoring in on-premises and cloud environments.
Job description
  • Prior experience administrating IT systems or networks (~3+ years), preferably with experience in both public cloud environments and physical data center locations.
  • Solid understanding of SQL-like query languages and proficiency in data manipulation and analysis techniques to extract actionable insights from large and complex cybersecurity datasets.
  • Ability to maintain a collected demeanor under high-pressure security incident response scenarios.
  • Knowledge of the MITRE ATT&CK framework and its application to threat-hunting campaign scenarios, especially in hybrid cloud environments (preferred).
  • Hands-on experience professionally administrating and securing both Windows and Unix/Linux operating systems, and an understanding of the common threats each is susceptible to.
  • Thorough understanding of the OSI model and a wide range of common network protocols, enabling effective analysis, detection, and mitigation of security threats at various layers of the network stack.
  • Experience, or exceptional aptitude, working with Security Information and Event Management (SIEM) platforms, including building and optimizing custom detection rules.
  • Ability to monitor various security tools, logs, and threat intelligence feeds to detect potential cyber threats, including malware, phishing attempts, and unauthorized access attempts.
  • Excellent communication skills with the ability to translate complex technical concepts and findings into clear and concise insights for non-technical stakeholders, fostering collaboration and informed decision-making across cross-functional teams.
  • Solid understanding of scripting languages such as Python (preferred), Bash scripting, or PowerShell; prior experience using scripting to automate tasks.
  • Familiarity with modern defense-in-depth security tools and technologies such as Intrusion Detection and Prevention (IDS/IPS), Endpoint Detection and Response (EDR) solutions, Cloud Native Application Protection Platform (CNAPP), and Web Application Firewalls (WAF).
  • Enthusiasm for security automation and creative technical ability to identify time-saving or novel automation workflows.
  • Proven understanding of cloud infrastructure concepts, paradigms, and associated security threats.
  • Proven understanding of common web-based attacks at runtime (e.g., those listed in the OWASP Top 10), and how to respond/mitigate them operationally. Must have strong cloud security and log investigation skills.
  • Proven understanding of identifying and mitigating email-based threats, including phishing, malware, and spoofing. Hands-on experience with administering and configuring email security tools and protocols to safeguard against these threats is a bonus.
  • Analyze security events and incidents to identify threats, attack vectors, and potential impact. Utilize threat intelligence to improve detection and prevention strategies.
  • Investigate and respond to phishing attempts and email-based threats, with a foundational understanding of phishing techniques and indicators. Implement and manage email security solutions.
  • Manage and track security incidents through to resolution. Participate in live incident handling, including containment, remediation, and recovery efforts.
  • Use SIEM tools to monitor security events across both on-premises and cloud environments. Apply cloud security principles to identify and address threats specific to cloud-based infrastructure and applications.
  • Demonstrate knowledge of SOC principles, SIEM technologies, and attack handling. Experience with cloud security concepts is essential.
Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.
TrustpilotImage showing a rating of 4.5 out of 5 stars on Trustpilot for JobLeads, indicating a high level of customer satisfaction.
Rated “Excellent” based on 19,513 reviews