Sign in
Candidate registration
Candidate registration
Login
Forgot password
Forgot password
Sign in
Candidate registration

Security Event Analyst

Show me jobs like this one

Category:  Information and Product Security
Location:  India - Hyderabad
03/20/2017
Job Specification - Security Event Analyst (24/7): Duties Salesforce - the leader in enterprise cloud computing and one of the top 10 places to work according to Fortune magazine - is seeking Security Event Analysts to join an exciting new team in our world-leading security programme.
The Security Event Analyst will be part of the monitoring and triage arm of Salesforce Security, responsible for analysing events across a large and complex environment in order to identify security incidents and protect our customers.
Security Event Analysts use their exceptional judgment and security expertise to distinguish truly interesting events from "noise". In a typical hour, an analyst might examine a malicious email, investigate an unusual login, and analyse a PC with a potential malware issue. Between these events, they will interact with Salesforce colleagues around the world, who contact Security Event Analysts with issues ranging from missing laptops to suspicious devices found in our offices.
A successful Security Event Analyst will have acute attention to detail, a healthy dose of paranoia and a logical approach to analysis and problem solving. This role also needs exceptional communication skills (verbal and written), and an ability quickly understand complex information while recognising familiar elements within complex situations.
This position is based in our brand new facility in Hyderabad, India. As a 24/7 team, Security Event Analysts work shifts which include nights and weekends. The role is a key part of our global information security team, involving daily interaction with the Salesforce CSIRT and other security teams, which means fluent English is essential.
Required Skills & Experience
  • Strong interest in information security, including awareness of current threats and security best practices
  • Familiarity with system administration and security controls on Microsoft Windows and Linux
  • Experience investigating security issues and / or complex operational issues on Windows and Linux
  • Knowledge of email security threats and security controls, including experience analysing email headers
  • Strong technical understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, and SMTP
  • Experience analysing network traffic using tools such as Wireshark, either to investigate security issues or complex operational issues
  • Experience reviewing system and application logs (e.g., web or mail server logs), either to investigate security issues or complex operational issues
Desired Skills & Experience The following items are not hard requirements but would be an advantage:
  • At least one year of experience in a dedicated Information Security role, or a relevant specialist degree (e.g., information security or digital forensics)
  • Relevant information security certifications such as GCIH, GCIA, CEH, GSEC, SSCP, or CISSP
  • Familiarity with system administration in a Windows Domain / Active Directory environment.
  • Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.
  • Experience with operational security monitoring or security incident response, preferably within a Security Operations Centre (SOC) or incident response team
  • Familiarity with system administration and security controls on MacOS
  • Experience coordinating incident response, troubleshooting, or other complex issues across a global organisation
  • Familiarity with Salesforce Sales Cloud (CRM) or Service Cloud
  • Experience with SIEM systems such as Splunk, AlienVault, QRadar, ArcSight or similar
  • Knowledge of scripting and common web technologies (e.g., Python, Perl, Unix shell scripts, PowerShell, JavaScript)
  • Active involvement in the information security community

#LI - MH


Follow us

Action

  • Apply
  • Print
  • Email a friend