SOC Analyst

CenturyIQ Solutions India Private Limited, based in Mumbai, serves as the dedicated captive unit of Century Financial, UAE. Its primary objective is to manage and execute outsourced responsibilities delegated by Century Financial, setting itself apart through an unwavering commitment to knowledge process services that transcend conventional data-driven and technology-centric transformations.

Role Overview:

This is a full-time, on-site Security Operations Center Analyst role located in Mumbai. The analyst will be responsible for day-to-day Cyber Threat Hunting (CTH), Cyber Threat Intelligence (CTI) and Security Operations Center activities, and for the cyber security of Century's systems.

Good-to-Have

  • DLP, anti-virus and anti-malware tooling.
  • Packet analysis tools such as Wireshark (formerly Ethereal) and similar packet analyzers.
  • Cloud computing and SaaS models.

Must-Have

  • Good team skills working with teams across geographies.
  • Expertise working with Splunk and identifying tuning recommendations for improved detection and accuracy.
  • Expert Splunk use-case and rule-writing skills.
  • Expert security incident investigation and mitigation skills.
  • Expert analytical and problem-solving skills.
  • Good understanding of operating systems and networking.
  • Expert understanding of security threats and vulnerabilities.
  • Expert understanding of security tools and technologies such as firewalls, VPNs and IPS.

Responsibilities:

  • Performing daily detection and response functions closely aligned with typical SOC functions.
  • Analyze and investigate alerts/incidents as required, perform in-depth analysis, summarize observations, and perform root cause analysis as required.
  • Conduct proactive threat-hunting operations to detect and investigate sophisticated cyber threats, including advanced persistent threats (APTs).
  • Analyze security event logs, network traffic, and other security data to identify indicators of compromise (IOCs) and potential security breaches.
  • Enhance detection and response capabilities by creating and enhancing threat-hunting methodologies, processes, and playbooks.
  • Undertake investigation for the various threat advisories/feeds received within the shift, in line with the defined process.
  • Present threat hunt findings to management and develop use cases on pervasive threats as identified by Offensive Security/Red teams and recent security incidents.
  • Provide technical and service mentorship to other SOC analysts.
  • Stay up to date with the latest cybersecurity threats, vulnerabilities and attack methodologies.

Requirements:

  • Bachelor’s degree (or equivalent experience) in Computer Science, Engineering, or another technical field.
  • L2 or L3 experience in a SOC or security-focused NOC.
  • CISSP and GIAC certifications are preferred.
  • Cyber Threat Hunting (CTH) and Cyber Threat Intelligence (CTI) Skills.
  • Strong analytical skills.
  • Experience in Security Operations Center duties.
  • Proficient in creating SIEM use cases, correlation rules and baselines to monitor malicious activity, IOCs and anomalies.
  • Demonstrated track record of correlating events and conducting practical assessments of observed indicators of attack (IOAs).
  • Expertise in using Security Information and Event Management (SIEM) systems and a refined alert triage process.
  • Substantial experience building Security Orchestration, Automation and Response (SOAR) workflows.
  • Deep understanding of the OWASP Top 10 and the ability to link vulnerabilities to real-world threat scenarios.
  • Apply strong analytical and problem-solving skills to proactively identify and address emerging security challenges.
