Senior Cyber Security Analyst
Cynosure Corporate Solutions
Industry: Security
Category: Information Technology
Total Positions: 2
Job Type: Contract
Gender: No Preference
Salary: 83000 INR - 100000 INR (Monthly)
Education: Bachelor′s degree
Experience: 6-12 Years
Location: Chennai, India
Posted Date: 09-07-2024
Expiry Date: 31-08-2024
Roles and responsibilities:
Considered subject matter expert within discipline
Solves complex problems; takes a broad perspective to identify innovative solutions
Can either work independently on in teams
Requests guidance in complex situations or when needed
Interprets challenges and recommends best practices to improve processes
Capacity to lead functional teams or projects to solve complex problems and deliver solutions
Communicates difficult concepts and negotiates with others to conclude on goal-centric points of view
Provides resolution support to wide array of issues that are complex in scope
Contributes to departmental business planning and solution design
Uses expert level Cyber Security knowledge base to complete tasks
Intrinsic understanding of software development life cycles
Excellent oral and written communication skills
Understanding of security by design principles, architecture concepts & security frameworks (NIST, PCI, OWASP, etc.)
Knowledge of current and emerging security technologies, threats, and techniques for exploiting security vulnerabilities in
the code or application
Requirements:
6+ years of experience working with systems deployed on AWS
4+ years of technical experience in Incident Management for AWS Cloud solutions
1+ years of experience with AWS Incident Detection and Response
Demonstrated experience using Splunk for Incident Management and processes supported by Okta CIAM, PhishER, PagerDuty, Imperva, CrowdStrike, AWS Guard Duty, Defender for Cloud Apps, etc.
Incident Management (2+ years minimum)
Risk Management techniques (2+ years minimum)
Vulnerability Management
Web Application Firewalls such as Imperva
As a subject matter expert or stakeholder, has previously supported information security audits in any of the following
frameworks or regulations: PCI DSS, NIST, SOC 1 or 2, ISO 27001, Sarbanes-Oxley (SOX) or HITRUST
Experience in analyzing threats of cloud and application components, such as findings from Security Assessments
Nice to have:
Familiarity with Jira, GitHub, Okta, WordPress, Qualys VMDR, Jenkins, Rancher, Terraform, Snyk & Contrast
Familiarity with some of the following concepts:
SAST (Static Application Security Testing)
DAST (Dynamic Application Security Testing)
SCA (Software Composition Analysis)
SBOM (Software Bill of Materials)
Image Scanning
SOAR (Security Orchestration, Automation and Response), good if experienced in
IaC (Infrastructure as Code)
Threat Modeling
PenTesting (Web App, Mobile, External)
CSA (Cloud Security Assessment)
Familiarity with Java (including npm and Maven), Docker & Kubernetes