SOC Security Analyst
Pune, Maharashtra, India
Domo
With Domo, you can use data and insights delivered in data experiences to multiply your business impact and drive your business forward.
COMPANY OVERVIEW:
Domo puts data to work to help everyone multiply their impact. Domo gives every kind of user real-time insights they can act on, with secure, easy-to-use, AI-powered data experience that drives a culture of data curiosity.
POSITION SUMMARY:
The Security Analyst is a key member of Domo’s Security Operations team. This position will focus on developing cyber threat intelligence in addition to supporting monitoring, detection, and security incident response. A successful candidate will have excellent research and analytical abilities and be able to provide detailed insight into cyber threat actors and the tactics, techniques, and procedures they use. They will also have strong communication skills and be able to compile reports for technical audiences as well as business leaders. Bonus points for experience in a SaaS company leveraging AWS and other major CSPs for infrastructure.
This role requires a strong understanding of security engineering principles for designing, building, and maintaining security infrastructure and systems. It also requires the ability to work effectively in a global team and communicate complex security concepts to both technical and non-technical colleagues.
KEY RESPONSIBILITIES:
- Data Analysis and Intelligence: Synthesize large datasets into actionable intelligence results.
- Cyber Defense Development: Assist in creating content for cyber defense tools and coordinate with teams to validate security alerts.
- Incident Documentation and Response: Document and respond to security incidents impacting the environment, including isolating and removing malware in response to new threats.
- Event Correlation: Perform event correlation using enterprise-wide information to assess the effectiveness of observed attacks.
- Threat Reporting: Regularly provide threat landscape reports to the security group and business leaders.
- Intrusion Detection and Analysis: Detect and alert possible attacks/intrusions, anomalous activities, and misuse, and analyze malicious activity to determine exploited weaknesses and methods.
- Threat Actor Identification: Identify tactics, techniques, and procedures used by threat actors using frameworks like MITRE ATT&CK.
- Incident Notification: Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents.
- Threat Monitoring: Monitor external data sources to maintain currency on threat conditions.
- Stakeholder Collaboration: Collaborate with stakeholders to resolve computer security incidents.
JOB REQUIREMENTS:
Required:
- Experience and Education: 3-6 years of experience in an intelligence analyst or security operations role, with a Bachelor’s or Master’s degree or a certification such as CompTIA Security+, Network+, GIAC GSEC, or similar.
- Technical Knowledge: Understanding of physical computer components, network architectures, attack methods, common computer/network infections, and encryption algorithms. Familiarity with cyber intelligence/information collection capabilities, cyber operations terminology, data communications terminology, and internet network addressing.
- Cybersecurity Expertise: Proficiency in identifying what constitutes a network threat, knowledge of penetration testing principles, tools, and techniques, and understanding of how to extract, analyze, and use metadata. Familiarity with physical and logical network devices and infrastructure.
- Analytical Skills: Ability to evaluate information for reliability, validity, and relevance, and skill in identifying critical target elements.
- Communication Skills: Ability to prepare and present briefings; write, review, and edit cyber-related intelligence/assessment products; and translate intelligence requirements into research questions and data tracking variables.
- Research Skills: Proficiency in using multiple search engines and tools.
- Engineering Skills: Strong understanding of security engineering principles for designing, building, and maintaining security infrastructure and systems with experience with cloud, corporate, and endpoint security.
Desired:
- Advanced Framework Knowledge: Proficient in the MITRE ATT&CK Framework and its application to all levels of monitoring, detection, and incident response.
- Cloud Security Expertise: Comprehensive understanding of major Cloud Service Providers’ services, security tools, and logging.
- Deep Web Research Skills: Skilled in conducting non-attributable research using deep web and dark web.
- Threat Identification: Advanced skills in identifying cyber threats that could impact the organization and partner interests.
- Tailored Analysis: Knowledge of tailoring analysis to necessary levels, using multiple analytic tools, databases, and techniques.
- Scripting and Automation: Ability to use scripting languages for automation and problem-solving in security and vulnerability analysis with emphasis in cloud infrastructure, endpoint, and security system integrations, such as SIEMs.
LOCATION:
Pune, Maharashtra, India
Domo is an equal opportunity employer.
#LI-TU1
#LI-Hybrid
Tags: Automation AWS Cloud CompTIA Cyber defense Encryption Endpoint security GIAC GSEC Incident response Intrusion detection Malware MITRE ATT&CK Monitoring Pentesting SaaS Scripting SIEM SOC Threat intelligence
Perks/benefits: Team events