Cyber Security Analyst
Barclays
Pune, India
6d ago

What will you be doing?

This role will be a 24x7x365 analyst position Shifted pattern within our Joint Operations Centre in Pune, part of a globally distributed operational team that performs the following mission-critical functions :

  • 1st line analysis, triage and escalation of security events within the SIEM, through to escalation and remediation of detected security incidents.
  • 1st line point of contact, providing command, control and reporting support to Incident Management teams for all security incidents.
  • Understand when to escalate events and to whom; track and report security incidents to remediate and drive closure.
  • Utilise existing processes and technologies in place, to detect, respond and prevent malicious electronic attacks to Barclays’ networks and network estate;
  • provide guidance to identify attacks, attacker’s suitable mitigation techniques.

  • Interprets, analyses and reports all events and anomalies in accordance with cyber security related directives, including initiating, responding and reporting discovered event.
  • Analysis of Intelligence information to ensure enhanced detection, as well as improvement of functional capability.
  • Support identification, enhancement, improvement and delivery of monitoring and response methods and processes, to reduce risk to the Organisation.
  • What we’re looking for :

  • Proficiency in SIEM technologies & usability in a Large & Complex Computing Environment.
  • Analysis and response of detected security incidents, timely escalation and drive to ensure the closure of incidents.
  • Incident Response skills including proficiency in PCAP Capture, Network Analysis, and Traffic Patterns.
  • Identify attacks and malware (Trojans, Ransomware, etc.) analysing event data generated from proxy, endpoints, IDS, MPS, network devices etc.
  • Proficiency in Phishing Threat Types (Targeted Spear, Broad-based SPAM, Targeted Industry, Whaling, etc.)
  • Skills that will help you in the role :

  • Proficiency of Operating System fundamentals and OS Security (Windows & Linux);
  • Proficiency in Networking Principles, Protocols, & Practices;
  • Understanding of traditional ITIL concepts Incident, Change and Problem management;
  • Understanding of Cloud Security Principles (AWS / Google / Azure)
  • Understanding of Open Source network analysis tools, and Open-source intelligence tools (OSINT).
  • In-depth knowledge of the Cyber Kill-Chain, Intelligence-driven defence and security architectures.
  • Ability to help write concise reports based on complex data with accuracy, brevity, and speed.
  • Understanding of Ethical Hacking from the perspective of a Blue-team member; the countermeasures and mitigation controls which can be implemented to minimise the threat landscape and risk to an organisation.
  • Appreciation of End Point security products including firewalls, Anti-virus and network access control.
  • Appreciation for programme and project management methodologies.
  • Experience delivering technical detection and response programs and initiatives is also desirable.
  • Active SANS certifications in the areas of network, incident handling, malware and forensic analysis (GREM, GCIA, GCFA, GCIH) are desirable, but not essential.
  • Strong working knowledge of Splunk and the Splunk Query Language.
  • Understanding and experience of reverse-engineering malware would also be beneficial, but is not essential.
  • A good technical understanding of the threats against the financial industry from both the physical and Cyber threat domains.
  • Where will you be working?

  • Pune
  • Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form