IT Cyber Defense Analyst
Altera Digital Health · Pune Division, Maharashtra, India
- On site
- Full-time
- $95,000 / year
- Pune Division, Maharashtra, India
Job highlights
- Analyze and respond to security incidents.
- Optimize security tools and reporting.
- Collaborate on vulnerability remediation.
- Monitor threats and vulnerabilities.
- Work with advanced security tools.
About the role
Job Summary
Altera Digital Health is seeking an experienced IT Cyber Defense Analyst to join their Security Operation Center (SOC). This role involves triaging security incidents, enhancing security tools, collaborating with business units on vulnerability remediation, and staying informed about the latest threats and vulnerabilities. The ideal candidate will have a strong background in cyber security technologies and incident response within an enterprise environment.
Responsibilities
- Triage security incidents identified by SOC analysts.
- Identify enhancements to rule sets and tool optimization to automate reporting and reduce false positives in unified SIEM, and review with management for implementation.
- Coordinate with SOC manager to escalate security issues to other business units including solutions development, customer hosting, and corporate IT.
- Collaborate with business units to prioritize vulnerability remediation and execution of planned activities.
- Subscribe to threat intelligence services and monitor vendor alerts for major vulnerability disclosures.
- Monitor advanced security tools, analyze indicators, correlate multiple sources, and coordinate security incidents across the environment.
- Review and analyze system logs and third-party management products to preemptively detect, take corrective actions, and alert process/system owners to new issues.
- Assist with the creation and maintenance of security incident response procedures.
- Participate in research and assist in the implementation of security tools used by the SOC team.
- Assist the SOC manager with dashboards and business reporting.
- Be prepared to work in a rotational 24/7 shift.
Qualifications
- 2-4 years of experience in Security Operation Center (SOC), Cyber Security, and Information Security within an enterprise environment.
- Experience with Windows and Linux, server, and application hardening processes.
- Experience supporting one or more information security technologies.
- Mandatory experience in Azure, EDR, XDR (Crowdstrike, Windows Defender), SOAR, SIEM Tools (e.g., Splunk, Rapid7, ArcSight, McAfee Nitro), Palo Alto, Cisco, and one of the following: IDS/IPS, database activity monitoring, multi-factor authentication, web content filtering, encryption, and encryption key management, DLP, change detection.
- Working knowledge of TCP/IP stack & familiarity with common protocols (e.g., HTTP, FTP, SMTP, DNS).
- Familiarity with network and application threats (e.g., DoS/DDoS, SQL injection, XSS, reconnaissance scanning, methods to avoid detection).
- Working knowledge of compliance and regulatory requirements (e.g., PCI, SOX, HIPAA).
- Experience with vulnerability scanning tools (e.g., Nessus, Acunetix, Qualys, Metasploit) is a plus.
- Scripting experience with Bash, PowerShell, or Python and the ability to use these skills to aid in responding to incidents involving Windows, Linux, and Mac hosts.
- Familiarity with the MITRE ATT&CK Framework and/or Cyber Kill Chain.
- InfoSec certifications (e.g., CISSP, CompTIA Security+, GIAC Security Essentials, CEH) are a plus.
- Strong oral and written communication skills.
- Strong interpersonal and leadership skills.
Key skills/competency
- Cyber Defense Analyst
- Security Operations Center (SOC)
- Incident Response
- SIEM Tools
- Vulnerability Management
- Threat Intelligence
- Network Security
- Cloud Security (Azure)
- Endpoint Security (EDR/XDR)
- Scripting (Python, PowerShell, Bash)
Skills & topics
- IT Cyber Defense Analyst
- Cyber Security
- Information Security
- SOC
- Incident Response
- SIEM
- EDR
- XDR
- Azure
- Splunk
- Palo Alto
- Cisco
- HIPAA
- SOAR
- Vulnerability Scanning
- Bash
- PowerShell
- Python
- MITRE ATT&CK
- Cyber Kill Chain
- CISSP
- CompTIA Security+
- GIAC
- CEH
How to get hired
- Tailor your resume: Highlight your experience with SOC, cyber security technologies, and regulatory compliance like HIPAA.
- Showcase technical skills: Emphasize proficiency in Azure, EDR/XDR, SIEM tools, and scripting languages (Python, PowerShell).
- Demonstrate problem-solving: Prepare examples of how you've triaged incidents and collaborated on vulnerability remediation.
- Research Altera's mission: Understand their focus on digital health and how your skills contribute to their goals.
Technical preparation
Master SIEM tools like Splunk and Rapid7.,Gain expertise in EDR/XDR solutions.,Practice scripting with Python and PowerShell.,Study MITRE ATT&CK framework.
Behavioral questions
Describe a complex security incident you triaged.,How do you prioritize vulnerability remediation?,How do you stay updated on threats?,Explain collaboration with other business units.
Frequently asked questions
- What are the key technologies used by the IT Cyber Defense Analyst at Altera Digital Health?
- The IT Cyber Defense Analyst role at Altera Digital Health heavily utilizes Azure, EDR/XDR solutions (Crowdstrike, Windows Defender), SOAR platforms, and SIEM tools such as Splunk, Rapid7, ArcSight, and McAfee Nitro. Experience with Palo Alto, Cisco, IDS/IPS, and various security functions like MFA, DLP, and encryption is also crucial. Familiarity with scripting languages like Python, PowerShell, or Bash is beneficial for incident response.
- What is the expected experience level for an IT Cyber Defense Analyst at Altera Digital Health?
- Altera Digital Health is looking for candidates with 2 to 4 years of experience in a Security Operation Center (SOC), Cyber Security, or Information Security role within an enterprise environment. This experience should include hands-on work with security technologies and processes.
- Does Altera Digital Health require specific certifications for the IT Cyber Defense Analyst position?
- While not strictly mandatory, InfoSec certifications such as CISSP, CompTIA Security+, GIAC Security Essentials, or CEH are considered a plus for the IT Cyber Defense Analyst role at Altera Digital Health. Demonstrating knowledge through certifications can strengthen your application.
- What are the primary responsibilities of an IT Cyber Defense Analyst at Altera Digital Health?
- The primary responsibilities include triaging security incidents, enhancing security tool rulesets, automating reporting, escalating security issues, collaborating on vulnerability remediation, monitoring advanced security tools, analyzing system logs, and assisting with incident response procedures and security tool implementation.
- Is there a requirement for rotational shifts for the IT Cyber Defense Analyst role at Altera Digital Health?
- Yes, candidates for the IT Cyber Defense Analyst position at Altera Digital Health should be prepared to work in a rotational 24/7 shift schedule, indicating a need for flexibility and availability outside of standard business hours.
- What regulatory compliance knowledge is important for an IT Cyber Defense Analyst at Altera Digital Health?
- A working knowledge of compliance and regulatory requirements is essential. This includes understanding standards such as Payment Card Industry (PCI), Sarbanes-Oxley (SOX), and Healthcare Information Privacy Protection Act (HIPAA), given Altera Digital Health's focus on the healthcare sector.
- What kind of scripting skills are beneficial for the IT Cyber Defense Analyst role?
- Scripting experience with Bash, PowerShell, or Python is highly beneficial. These skills aid in responding to security incidents across Windows, Linux, and Mac hosts, and can be used for automating tasks and improving efficiency in threat analysis.