Senior Security Analyst (Global SOC, Security Operations, Forensic Analysis)
UKG
Noida, Uttar Pradesh, India
Description As a Senior Security Analyst, you will be part of the Security Operations Center team working with events and incidents as they come in. You will be monitoring infiltration attempts, analyzing logs, looking for patterns to ensure infiltration attempts are identified and dealt with in a timely manner. You will identify attack patterns and how to defend against them, and continuously evolve the team to be more efficient through the creation of tools. build our detection and response, and incident response capabilities, provide subject matter expertise in data analysis and risk assessments and respond to security incidents. Security Analysts are involved with highly technical operations and forensic analysis. You will be part of our global security operations center that follows a follow-the-sun structure, working to ensure continuous monitoring, detection and response to security events affecting UKG and our customers. You will work closely with our security operations centers in Fort Lauderdale, Singapore, and Paris. Job Location: Noida Shift Schedule: The ideal candidate will begin working a day shift from 0900-1800, either from 'Sunday to Thursday' or 'Tuesday to Saturday'. Analysts on each shift will eventually be required to rotate for a 30-day period onto a night shift (2330-0830 IST) for their required weekdays, with premium night pay as appropriate. We are looking for someone who is ready to work in Night Shift and open for 24X7 operations. Due to the nature of the work, you are required to have on-call duties on weekends. Primary/Essential Duties and Key Responsibilities: Detect, report, assess, and respond to information security incidents. Develop and maintain detection content to detect nefarious activities within the enterprise Build metrics on efficiency, effectiveness, and coverage, and demonstrate proof of value Continuously improve processes through automation and tools creation Isolate and remove malware. Maintain active investigations of security events escalated to and within the Security Operations Center Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems. Mentors, coaches and trains Security Analysts and Security Analysts IIs and serves as the point person for escalation issues that may arise Provide 24/7 monitoring Qualifications Basic Qualifications: Bachelor's degree in computer science or a related discipline Working professional with 6+ years of relevant Security/SOC experience Experience with tools such as Splunk, Elastic Search, EDR solutions. Preferred Qualifications: Knowledge of the common attack vectors on the network layer, different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored) and cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). Excellent verbal and written communication skills.