
INCIDENT RESPONSE LEAD SECURITY ANALYST – INFORMATION SECURITY

Hyderabad, India

GapTech

Gap Tech drives innovative retail, e-commerce and global enterprise technology for our headquarters operations and our five iconic brands across the world. We push boundaries. We challenge the status quo. Innovation sits at the core of everything we do. And we’re not here just to execute; we’re here to learn and grow. As individuals, we’re passionate, diverse, innovative and wickedly talented. As a team, we’re making amazing things happen in our offices, our stores and our communities. We are diversifying our talent globally, and expanding our reach by opening a technology hub in Hyderabad, India. Growing over time, this center will become critical in enabling the technology that powers Gap Inc. business globally.

Summary: The Lead Security Analyst (Incident Response) works as a member of the Gap Inc. Cyber Defense Center team within the Information Security Organization (InfoSec) and will be responsible for monitoring alerts within the SIEM, triage, incident response, and malware analysis.

Capabilities & Requirements:

Key Requirements

Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS), Security events and logs

Identify malicious or anomalous activity based on event data from Firewalls, WAF, IPS, HIPS, Anti-Virus, and other sources

Prioritizing and differentiating between potential intrusion attempts and false alarms

Staying up to date with current vulnerabilities, attacks, malware, and countermeasures

Participate in incident response and investigations of suspected information technology security misuse or compliance reviews as requested by Gap’s Security Council, InfoSec management, or as required when alerts are received from InfoSec threat monitoring tools and threat intelligence sources

Perform Deep-dive Incident Analysis by correlating data from various sources

Assist intrusion remediation and strategy development and implementation

Creating and tracking security investigations to resolution

Provide tuning recommendations of security tools based on traffic patterns

Composing security alert notifications and other communications

Excellent communication and influencing skills including the ability to simplify key messages, present compelling stories and promote technical and personal credibility with internal and external executives, and both technical and non-technical audiences

Provides support for new analytic methods for detecting threats

Provide guidance and support for Tier 1 Security Analysts

Proven success working across organizational and geographic boundaries

This position requires the ability to work a shift schedule

Other duties as assigned

Technical Skills

Familiar with security tools such as Palo Alto IPS, Cylance, and Symantec

Experience in performing Malware analysis

Experience using the Carbon Black process tree and threat hunting

Utilize the Splunk SIEM effectively to triage events, including Splunk search capabilities

Experience working in a fast-paced 24/7 Incident Response Security Operations Center

Strong knowledge of TCP/IP, cryptographic protocols and algorithms, and operating system (Mac/Linux/Windows) internals and operations

Deep understanding of common attack vectors: DDoS attacks, phishing, web attacks, and malware

Nice to have:

Security certifications: CISSP, SANS GIAC (GREM, GCFA, GCIH), OSCP

Experience with user behavior analytics tools and investigation

REQUIRED EXPERIENCE AND EDUCATION:

Bachelor's degree in Computer Science, Information Systems or a related technical field preferred.

Minimum of 4-6 years of experience in Information Security Incident Response
