Cybersecurity – Incident Response Analyst Job Vacancy in FactSet Research Systems Hyderabad, Telangana – Latest Jobs in Hyderabad, Telangana

Full Details:
Company Name: FactSet Research Systems
Location: Hyderabad, Telangana
Position :

Job Description:
Title: Cybersecurity – Incident Response Analyst
Department: Security
Location: Hyderabad, India
FactSet is a financial data and software company headquartered in Norwalk, CT with offices in 35 locations worldwide. As a global provider of financial information and analytics, FactSet helps the world’s best investment professionals outperform. More than 87,500 users stay ahead of global market trends, access extensive company and industry intelligence, and monitor performance with FactSet’s desktop analytics, mobile applications, and comprehensive data feeds. As of February 2017, annual subscription value reached $1.19 billion and headcount passed 8,500.

FactSet was ranked #89 on FORTUNE’s “100 Best Places to Work” list in 2016 and has consistently been recognized as a great workplace by leading publications.
Role/Department Description:
FactSet is currently seeking an experienced Incident Response Analyst to join the growing global Cybersecurity team. The hire will be part of the global “Security Intel Center” Team, which is primarily responsible for detecting & responding to the ever-evolving cybersecurity threats to the business & its assets. Areas of work include Security Event Analysis, Use Case Development, Incident Response, Digital Forensics, Security Control Tuning, Threat Intelligence & Hunting in the domains of Network, Endpoint & App Security. The role will work closely with engineering teams on cross-functional projects throughout the organization & requires enthusiasm, curiosity, persistence, and a thirst for security knowledge.
Shift Timings:
Rotational Shifts:
Morning Shift [06:30 AM – 03:30 PM]
General Shift [09:30 AM – 06:30 PM]
Afternoon Shift [01:00 PM – 10:00 PM]
Evening Shift [04:00 PM – 01:00 AM]
Key Responsibilities:
The role has a blend of both operational & strategic responsibilities with a split of 60-40% of time respectively.
Triage, analyze & respond to SIEM events with articulate analysis and clear response guidance/questions to other partner teams through established collaboration mechanisms (Ticketing systems, IM platforms)
Lead & Respond to the Incidents identified/reported through established IR procedures, playbooks & provide frequent executive & detailed investigative reports to the Executive management.
Perform Digital forensics (collection, preservation, analysis & presenting) as required for the investigations through existing tooling & process, while ensuring the integrity of the evidence collected.
Develop & Conduct Tabletop exercises to cover incident scenarios that test & reinforce varied technical skills, procedures, business & domain knowledge.
Proactively identify areas of improvement (Procedural & Technical), propose plans, collaborate with partners to get the plans implemented & report the KPIs aligning with the overall goal of increased Visibility, Detection & efficient response.
Develop domain & business workflow knowledge around different systems/services (including cloud) to clearly understand the risk involved, threat model & create use cases that proactively detect Threats.
Tune Security controls to enhance the true positive rate & at the same time reduce false negatives & false positives.
Develop comprehensive documentation & Playbooks for different process, workflows, controls & technologies, such that they can be efficiently consumed by the IR Team during response.
Identify automation opportunities & leverage the SOAR platform to develop & implement the automated playbooks for response.
Leverage the Operational & Tactical Threat Intel data from the established feeds & sources to detect Threats. Contribute to & complement the in-house Threat Intel function with internally observed & gathered Intelligence.
Leverage existing log data from different sources for proactive Threat Hunting based on different TTPs.
Effectively lead the security projects/tasks assigned by taking ownership of planning, implementation & coordination.
Own the operational queues, request prioritization, handovers, SLA adherence to achieve the agreed service levels.
Collaborates with Departmental leadership to align with established Departmental/Organizational roadmaps.
Fosters and cultivates vendor relationships and grasps vendor roadmaps and release schedules.
Participates in the on-call rotation as per the schedule for any escalations outside business hours.
Required Skills:
5-8 years of experience working in an Incident response Team.
Strong understanding of other Security functions,
Ability to efficiently utilize log analytics & correlation tools like ELK stack, Splunk & QRadar for analyzing & filtering logs.
Sound understanding of different attack frameworks like Kill Chain & MITRE & ability to utilize them for incident response & reporting.
Strong understanding of various Network security technologies like UTM, ALG enabled firewalls, Proxy servers, IDS/IPS Controls, Packet captures, WAF, IronPort & respective network protocols.
Strong understanding of the Modern Operating system concepts, Native endpoint security tools, Sandboxing tools, Malware Techniques & experience analyzing EPP & EDR alerts.
Good understanding of various Identity related concepts, Directory services & modern identity protocols.
Good broad level understanding of different Web, Database, Virtualization & Middleware engines, associated protocols, attack methods & technologies.
Strong understanding of different public cloud service offerings & attack techniques associated.
Experience in handling forensic (both disk & memory) for various environments (physical, virtual & cloud).
Ability to effectively handle/switch between multiple roles during an IR & deal with high pressure situations.
Having a broad understanding of the business, ability to align operational workflows to different business functions & ability to ask the right questions during an Incident response.
Ability to make rational, time-critical decisions backed by sound logic, raw data & available Intelligence.
Strong documentation skills to comprehensively craft Incident Response documents, status updates & playbooks that can be effectively consumed by the Peers & executive leadership.
Having strong perseverance to keep the Incident response actions focused & progressed.
Ability to interpret small scripts is often a key skill required in incident analysis.
Experience working with SOAR platforms & ability to identify opportunities for automation.
Ability to effectively communicate (orally & in writing) complex technical issues to a diverse audience that includes technical, non-technical & executive level staff.
Ability to objectively drive result-oriented meetings with a diverse audience.
Ability to effectively manage Time across a multitude of responsibilities through proper prioritization, tracking & scheduling.
Self-motivated, ability to understand business priorities & work with personal integrity.
Strong Team player who believes in Departmental goals/objectives & strives for the Team's success.
Experience working in a Threat Intel team or Threat Hunting team would be a bonus.
To find out more about opportunities at FactSet, visit us at www.factset.com/careers, www.facebook.com/factset, or www.twitter.com/factset.
