Associate Risk and Security Analyst

Posted on August 27, 2017
Position Purpose

Cargill is seeking an exceptional Junior Analyst for its world-class Security Operations Center (SOC), which handles Cyber Security Alerts & Incidents originating from multiple sites across Cargill. As a part of Cargill's Cyber Security Incident Response Team (CSIRT), s/he will be solving and handling challenging and interesting Information Security incidents. This role provides an opportunity to work with multiple Information Security tools and also to have a sneak peek at some basic malware analysis. The support team will work on rostered shifts, 6 am - 3 pm and 2 am - 11 pm, only 5 days a week.

Principal Accountabilities

- Part of the global Security Operations Center providing 24/7 support
- Manage and monitor all events on the SIEM.
- Categorize the events and raise necessary incidents after a thorough quality check of the event.
- Work closely with L2 and L3 Support and provide adequate information required for resolution.
- Security incident monitoring and in-depth analysis of critical and major security incidents (internal and external) using tools: HP ArcSight ESM, ArcSight Smart Connectors or LogRhythm
- Collaborates with the Cyber Security Incident Response Team on new platform functionality
- Collaborates with Cargill's Technology Governance, Risks, and Controls organization to integrate further datasets

Education (includes formal education, certifications, accreditations, etc.)

Bachelor's / Master's degree in Information Technology with 1 - 3 years of experience.

Preferred

- GIAC Certified Intrusion Analyst
- Certifications in Splunk Security app / HP ArcSight / IBM QRadar or other SIEMs
- CompTIA Security+, Cisco Certified Security Professional / Associate, CEH, ISO 27001 LI / LA

Experience

We are looking for someone who is robust, technically qualified, and has experience handling SIEM alerts. The role demands someone who is passionate about security.
If you have the above qualities in addition to being innovative and eager to learn and try new ideas, this is the place for you.

Technical Skills

- Exposure in categorizing information security alerts from tools like SIEM, DLP, Proxy
- Basic exposure in handling Information Security alerts from multiple tools.
- Basic understanding of Operating Systems, Virtualization technologies, Network Devices, Cloud computing concepts, Web Proxies, Firewalls, Intrusion Detection / Prevention Systems, Antivirus Systems, Data Loss Prevention, Vulnerability Assessment tools
- Understands SIEM tool functionality and the logic behind creating rules and filters, and integrating with different solutions, e.g. AV software, IDS, IPS, etc.
- Basic understanding of network protocols including TCP/IP, UDP, DHCP, FTP, SFTP, ATM, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP and HTTPS.
- Understanding of various cyber-attacks and recent hacking techniques
- Use vulnerability assessment data to pinpoint potential points of attack
- Strong oral and writing skills to articulate complex ideas clearly and effectively; experience creating and presenting documentation and management reports.
- Ability to manage multiple tasks, priorities, and operational assignments in a high-pressure environment.