How you'll make an impact:

• High-level professional writing experience regarding documenting and reporting on potential security incidents identified in customer environments including timeline of events
• Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets.
• Provide analysis on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc.
• Perform knowledge transfers, document, and train clients regarding the mitigation of identified threats.
• Provide ongoing recommendations to peers and customers on tuning and best practices.
• Actively research current threats and attack vectors being exploited in the wild
• Actively work with analysts and perform investigations on escalations.
• Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach.
• Provide gap analysis for clients to better their security posture.
• Maintain and develop SOPs for the threat analyst team.
• Develop and maintain Playbooks and runbooks.
• Work with internal teams to increase the efficiency and effectiveness of security analysis provided by the threat analysis team.
• Training of new analysts on security and tools
• Create and maintain a Content Catalog based on security essentials and the evolving threat landscape.
• Provide quality assurance (QA) review of security alerts handled by Team members.

What we’re looking for

• Six or more years of full-time professional experience in the Information Security field
• Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or enterprise network environment as a point of escalation.
• Excellent time management, reporting, and communication skills including customer interactions and executive presentations.
• Data analysis using SIEM, Database tools, and Excel.
• Experience troubleshooting security devices and SIEM.
• Ability to create and maintain content within SIEM environments and make recommendations to clients to better their visibility.
• IDS monitoring/analysis with tools such as Sourcefire and Snort
• Direct (E.g., SQL Injection) versus indirect (E.g., cross-site scripting) attacks
• Experience with the following attacks: Web Based Attacks and the OWASP Top 10, Network-Based DoS, Brute force, HTTP Based DoS, Denial of Service, and Network-Based / System Based Attacks.
• Familiarity with SANS' top 20 critical security controls
• Understand the foundations of enterprise Windows security including Active Directory, Windows security architecture and terminology, Privilege escalation techniques, Common mitigation controls and system hardening.
• Anti-virus (AV) and Host Based Intrusion Prevention (HIPS)
• Experience in monitoring at least one commercial AV solution such as (but not limited to) McAfee/Intel, Symantec, Sophos, or Trend Micro
• Ability to identify common false positives and make suggestions on tuning.
• Understanding of root causes of malware and proactive mitigation
• Propagation of malware in enterprise environments
• Familiarity with web-based exploit kits and the methods employed by web-based exploit kits.
• Familiarity with concepts associated with Advanced Persistent Threats and “targeted malware.”
• Experience and understanding of malware protection tools (FireEye) and controls in an enterprise environment.
• Covert channels, egress, and data exfiltration techniques
• Familiarity with vulnerability scoring systems such as CVSS.
• Basic understanding of vulnerability assessment tools such as vulnerability scanners and exploitation frameworks
• The role demands the availability for US working hours (5 PM (IST) to 3 AM (IST))
• This role is Work from Office role

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)