Info Security Analyst
Location:Bangalore, Karnataka, India
Additional Location(s)Shanghai, China
Area of InterestInformation Technology
What you’ll do
This Analyst will sustain and improve usage of network security tools to support CSIRT's security monitoring and incident response services. CSIRT deploys and support network IDS, proxy-based malware filtering solutions such as IronPort WSA, host intrusion prevention tools such as Splunk log management, device syslog processing, and network traffic inspection tools. CSIRT develops custom integration tools for interfacing with Cisco infrastructure, security tools, and for conducting security investigations.
Work to setup and tune monitoring plays involving multiple security
monitoring products and data feeds
Work to develop and tune documented process for incident and alert handling
Work to mentor and train others on the team in how to properly handle incidents as well as escalations
Manage schedule to ensure operational effectiveness & on-time delivery of all work consistent with documented requirements
In addition, this Analyst will be accountable for the following:
• Escalate to CSIRT investigators and external support teams to assist in analysis and event resolution.
• Document cases, procedures, analysis, and investigations accurately and thoroughly (including best-practice documentation).
• Inform higher-level priorities, improvements and problem resolutions to improve effectiveness of Cisco CSIRT & InfoSec.
• Constructively challenge and improve existing tools, processes and procedures.
• Assist CSIRT with continued enhancement of Cisco's security tools.
• Assume additional responsibilities as assigned.
Who you’ll work with
Cisco CSIRT is looking for a full time Information Security Analyst for Cisco's global Computer Security Incident Response Team (CSIRT). The Computer Security Incident Response Team (CSIRT) reduces the risk of loss as a result of security incidents for Cisco-owned businesses. CSIRT regularly engages in proactive threat assessment, mitigation planning, incident detection and response, incident trending with analysis, and security architecture.
CSIRT is looking for a suitable candidate with 6-8 years experience in IT & Security with expertise in one or more of the following areas:
System administration (Windows or Unix)
IT security with a focus on computer forensics, incident response, malicious code/exploits, anti-virus, etc.
Web application and script development
What You Are
The successful candidate should have the following qualifications:
Familiar with Windows exploits, malware and malicious code trends
Demonstrate good customer service, communications, and troubleshooting skills. The candidate must be able and willing to follow process and demonstrate past examples, including case handling
Experience working in a global support environment, experience working under pressure is a plus
Willing to work slightly off-hours including rotational on-call, conduct security event analysis, provide coordination and primary response to security incidents
• Demonstrate interest and knowledge of security trends, especially hacking technologies including trojans, viruses, and worms
• Demonstrate knowledge of TCP/IP and application in securing systems, investigating security incidents
• Demonstrate clear experience with UNIX/Windows operating systems
Graduation degree in IT / Cyber Security or equivalent. Post Graduation is a plus.
GCIH, GCIA, CCNA, RHCE, MCSE, CEH (Security certifications)
We connect everything: people, processes, data, and things. We innovate everywhere, taking bold risks to shape the technologies that give us smart cities, connected cars, and handheld hospitals. And we do it in style with unique personalities who aren’t afraid to change the way the world works, lives, plays and learns.
We are thought leaders, tech geeks, pop culture aficionados, and we even have a few purple haired rock stars. We celebrate the creativity and diversity that fuels our innovation. We are dreamers and we are doers.
We are Cisco