Incident Response Analyst
Posted 4 months ago
Acquia, is transforming the digital strategies of companies all over the world with our open cloud platform. We are passionate and relentlessly committed to helping our clients create digital experiences that are more relevant, personalized, and built for a fast-changing, always-connected, mobile-first world. Headquartered in the US, we have been named as one of North America’s fastest growing software companies as reported by Deloitte and Inc. Magazine, and have been rated a leader by the analyst community and named one of the Best Places to Work by the Boston Business Journal. We are Acquia. We are building for the future of the web, and we want you to be a part of it.
Acquia’s global Information Security team is seeking an Incident Response Analyst to work in our Pune, India office. In this role, you will lead incident management, forensic log analysis, malware analysis, security event monitoring, threat intelligence, and related activities.
You think like a hacker would, anticipating the moves and tactics that hackers would use to try and gain unauthorized access to Acquia systems. You stay current on the latest developments in security and exploits against cloud-based products. Your newspaper of choice is ‘The hacker news’.
Responsibilities include, but are not limited to:
- Perform real-time security alert and event monitoring across all levels of the Acquia Platform.
- Security ticket triage and ticket closure.
- Complete essential daily analysis tasks to help ensure Acquia’s sites and infrastructure are safe.
- Perform log analysis and related digital forensics.
- Participate in security investigations and respond to information security incidents.
- Maintain a general knowledge of common security vulnerabilities, attack vectors, methods, and remediation techniques (DDOS, Man in the Middle, Brute Force, SQL Injections, Cross-Site Scripting, Cross-Site Forgery Request).
- Continue to develop your technical knowledge and skills to stay ahead of the threat.
- 2+ years prior experience working as part of an incident response team or a security operations center.
- Familiarity with one or more of the following; Linux, Apache, Nginx, Varnish, MySQL, PHP, Drupal and securing cloud based platforms (AWS).
- Experience with continuous monitoring tools, such as SumoLogic, Splunk, ELK, or ArcSight is beneficial.
- Experience with network and host-based security detection tools (NIDS, HIDS, etc.).
- Good understanding of cloud security challenges and networking principles.
- Ability to track incidents and thoroughly communicate across a global team.
- Must be dependable, reliable, and able to work independently and as a member of a team.
- Strong problem-solving abilities, initiative, and ability to thrive under pressure.
- Excellent interpersonal and communication skills.
Other Skills and Abilities:
- Desire to become a subject matter expert in the role, demonstrating a willingness to learn and a can do attitude.
- Takes on additional responsibilities to fill in the gaps. Owns deliverables, accountable for results. Recognizing when it's appropriate to jump in and own it, and also when to provide support and collaboration.
- Adopts a team approach, acknowledging and appreciating efforts, contributions, and compromises. Recognizes the common purpose of the team and respects team decisions.
Acquia is an equal opportunity (EEO) employer. We hire without regard to age, color, disability, gender (including gender identity), marital status, national origin, race, religion, sex, sexual orientation, veteran status, or any other status protected by applicable law.