[Remote] Security Analyst

Note: The job is a remote job and is open to candidates in USA. Cognizant Corporate is a global community committed to making a meaningful impact. The Security Analyst role involves monitoring logs, responding to threats, and working within the Corporate Security team to ensure compliance and risk management.

Responsibilities

• Monitors various log sources from tools and applications such as Endpoint Detection and Response (EDR) logs, Intrusion Prevention/Detection Systems (IPS/IDS), firewall logs, Windows logs, Linux operating system logs, etc
• Analyze true positive incidents and provide detailed analysis comments for respective support / business functions to take corrective / remedial / compensatory actions
• Escalate high or critical incidents or complex security alerts to Senior Security Analysts
• Monitor Data Loss Prevention alerts and respond to associated events as appropriate
• Track and update security incidents over the course of the incident lifecycle
• Participate in reviewing, validating, and continuously evaluating the efficacy of logs for quality and relevance
• Documentation of log event types
• Updating new log event types
• Mapping existing and new use cases to log source types
• Recommending new use cases, as appropriate
• Prepare documents and reports as requested
• Attend meetings and training as required
• Participate in knowledge sharing sessions
• Recommend documentation improvements

Skills

• 1 or more years of Security Operations Center experience
• Some IT exposure (certification, self-learning, or job experience)
• Industry standard security certification (i.e., Security+, CeH, CCNA, or other entry-level security certifications)
• Additional certifications will be reviewed by management
• Communication skills (i.e., provide reports to management, escalate issues, etc.)
• Bachelor's degree in computer science, information security, or a related field
• Experience in SIEM software and EDR tools
• Well versed in log analysis on various log sources from Next-Gen firewalls, Domain Controllers, Linux operations systems, Anti-Virus logs, EDR/XDR, IPS/IDS, router and switch logs, etc
• Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with other members
• Experience in Threat hunting, log integration, and incident case management
• Preferred 1-2 years of Security Operations Center experience
• Preferred 1-2 years of general IT support experience
• Any experience with networking or scripting/programming is a plus

Benefits

• Medical/Dental/Vision/Life Insurance
• Paid holidays plus Paid Time Off
• 401(k) plan and contributions
• Long-term/Short-term Disability
• Paid Parental Leave
• Employee Stock Purchase Plan

Company Overview

Company H1B Sponsorship