Security Analyst at Cognizant

Posted in Information Technology 30 days ago.

Type: Full-Time
Location: Tampa, Florida

Job Description:

Required Qualifications:

  • Candidates will have 1-3 years of experience as a Security/Network Administrator or equivalent knowledge.

  • Knowledge of attack vectors (malware, web application, social engineering, etc.).

  • Knowledge of TCP/IP protocols, network analysis, and network/security applications.

  • Knowledge of various security methodologies and processes, and technical security solutions (SIEM, IPS/IDS, Firewall solutions)

  • Foundational knowledge around IT Infrastructure (Network or Windows).

  • Effective written and verbal communication skills with good analytical skills

Job Roles/Responsibilities:

  • Responsible for working in a 24x7 Security Operation Center (SOC) Environment

  • Monitor security email queues

  • Perform analysis of log files and data outputs. Perform triage of incoming issues via email and ticket tracking system.

  • Monitor SOC Hotline for general security related queries

  • Monitoring and escalating logged Security Events

  • Provide Incident Response (IR) support as needed

  • Provide analysis based on threat and vulnerability reports.

  • Monitoring log streaming continuity

  • Provide tuning recommendations of security tools based on traffic patterns.

  • Identify malicious or anomalous activity based on event data from firewalls, WAF, IPS, Proxy, Email Gateway, DLP, Endpoint Solutions and other sources.

  • Initiating escalation procedures if triggers and thresholds are met.

  • SOC Operations: operate SIEM environment in a manner that meets all Service Recipient requirements, including:

    • Minimizing cyber security attacks with the ability to capture, load and analyze all types of Security Events in near-real-time

    • Defining collection points and tuning rules as needed to avoid false positives

    • Monitoring Services and reacting to triggered alerts

    • Running correlated rules against historical data

    • Monitoring threat feeds, the latest vulnerabilities and the latest security news items

    • Checking for a false positive before alerting Service Recipient of a Security Event


Desired Qualifications:

  • Prior experience with one or more of the following tools: SIEM, Firewall, AV, IPS/IDS, WAF, Proxy and Email Security.

  • Experience with cloud-based systems such as AWS

  • Relevant certifications: Security+, CySA+, CEH or related certification.