Cyber Security Operations Analyst II

Join our team at SVB Global Services India LLP hereinafter referred to as First Citizens India– an organization that has built a legacy of strength, stability and long-term thinking that has spanned generations. Our parent company, First Citizens BancShares, Inc. is a top 20 U.S. financial institution with more than $200 billion in assets and a member of the Fortune 500™.

Situated in the vibrant city of Bengaluru, we play a crucial role in driving the success of our parent company and its subsidiaries.

At First Citizens India, our team brings together diverse backgrounds and rich experiences to deliver excellence across key business functions. Our commitment to innovation and collaboration makes us the preferred partner in navigating the dynamic and fast-growing digital landscape.  We believe in diverse, equitable and inclusive working environment because we understand that when all our differences converge, we create a synergy that enhances associate and customer relationships and drives innovation of our products and services.

Cyber Security Operations Analyst -II

About the role-

Looking for an experienced security event telemetry triage analyst . This is a technical role supporting the Monitoring function with threat analysis, content creation, tooling support, alert tuning, . Seeking a candidate who has worked in a Security Operations Center with strong understanding of network, host, and application security telemetry as well as controls related to perimeter defense, messaging, and proxy stacks.

Once here you will-

• Support the technical analysis of SIEM and alerts as requested by the triage team.
• Support the content creation pipeline for new threats identified because of an incident, threat intelligence or vulnerability.
• Identify any technology gaps and contribute to designing solutions to address them.
• Support the automation effort to streamline and accelerate triage response.
• Drive projects initiates and control enhancements.
• Promote core values, cross-skilling.

Core Duties -

• Event Triage and Analysis –investigate SIEM (Splunk) & SOAR (preferred Demisto/Cortex XSOAR) events as necessary; bring experience in malware analysis, network/endpoint security to respond and contain incidents.
• Content Development (Playbooks) - Support the creation countermeasures and mitigations in response to an incident or threat actor technique.
• Threat Hunting - Support the operational driven inputs (e.g., on the heels of an incident or event) into threat hunting and help build countermeasures/mitigations to detect commodity and targeted threats.
• Automation - Identify areas for automation and facilitate the creation of automation use cases and support their implementation.
• Deep Analysis – perform deep alert analysis using Splunk; should be able to write / understand Splunk queries.

Continuous Improvement

• Support playbook development and updates, alert tuning, process document creation, and collaboration across Cyber Operations and Information Technology to advance the Threat Monitoring program and capabilities.

What you will bring-

• Familiarity with event triage and analysis methods, building containment and mitigation strategies and executing them at speed is a must.
• Understanding malware attack paths, its associated artefacts on disk and memory and its use of legitimate applications to hide behaviors will be useful.
• Familiarity with malware behaviors or hands on malware analysis would be a plus.
• Familiarity with exploit writing and therefore understanding application behaviors would be useful.
• Ability to define security requirements and drive project deliverables.

Education and Experience

• Bachelor’s degree or equivalent education. Experience 4- 7 year in Security Industry.

.

Equal Employment Opportunity

SVB Global Services India LLP hereinafter referred to as First Citizens India is an Equal Employment Opportunity Employer. We are committed to fostering an inclusive, equitable and accessible environment and prohibit all forms of discrimination on the basis of gender, religion, caste, disability, sexual orientation, economic status or any other characteristics protected by the law. We strive to foster a safe and respectful environment in which all individuals are treated with respect and dignity. Our EEO policy covers all employment processes such as recruitment, hiring, compensation, benefits, promotions, learning opportunities, and other applicable employment terms for all qualified applicants and employees.