Mumbai, Maharashtra, India
Information Technology
Other
Datametrics Software Systems

Overview
Cyber Security Analyst is needed to perform the following duties:
• Create and enforce security policies, procedures, and protocols to ensure the protection of sensitive data and compliance with industry standards.
• Develop and implement comprehensive security policies, procedures, and protocols to protect sensitive data and ensure compliance with industry standards such as ISO 27001, NIST, CIS Benchmarks, SOC 2, GDPR, and PCI DSS.
• Continuously monitor security alerts and incidents, analyze threat intelligence, and respond promptly to mitigate risks.
• I proactively monitor security alerts, analyze threat intelligence, and respond swiftly to mitigate risks. Using SIEM and SOAR tools such as Splunk, Sentinel, and Elastic Security, I detect and investigate threats in real time. By integrating threat intelligence frameworks and sharing standards (MITRE ATT&CK, STIX/TAXII), I identify attack patterns and proactively strengthen defenses.
• During incidents, I follow NIST and SANS incident-handling methodologies to assess, contain, and remediate threats using Prisma Cloud, Wiz, and ServiceNow. Automated response mechanisms enable rapid containment of malware, unauthorized access, and cloud misconfigurations. I also conduct post-incident reviews to refine detection capabilities, strengthen security policies, and improve overall threat resilience.
• Leverage automation tools to streamline security operations, including threat detection, incident response, and vulnerability management.
• I use automation tools to enhance security operations, including threat detection, incident response, and vulnerability management. By implementing SIEM and SOAR solutions such as Splunk, Sentinel, and Cortex XSOAR, I automate log analysis, anomaly detection, and security event correlation, reducing response time and improving efficiency.
• For incident response, I deploy automated playbooks to contain threats, quarantine compromised assets, and trigger remediation workflows in Prisma Cloud, Wiz, and ServiceNow. Additionally, I integrate vulnerability scanning tools (e.g., Tenable, Qualys) to identify and remediate security gaps proactively, ensuring compliance and minimizing the attack surface.
• Provide guidance and training to internal teams on security protocols, tools, and best practices to enhance overall security posture.
• I provide guidance and training to internal teams on security protocols, tools, and best practices to strengthen the organization's security posture. This includes conducting workshops, knowledge-sharing sessions, and hands-on training on security tools such as Wiz, Prisma Cloud, and ServiceNow.
• I develop best-practice guidelines for secure cloud configurations, threat mitigation, and incident response, ensuring teams adhere to industry standards. Additionally, I collaborate with stakeholders to improve security awareness, policy adherence, and proactive risk management across the organization.
• Analyze potential risks to the network and cloud infrastructure and develop strategies to minimize their impact.
• I assess network and cloud infrastructure risks, identifying vulnerabilities and potential attack vectors. Using risk assessment frameworks and tools such as Wiz, Prisma Cloud, and Tenable, I analyze misconfigurations, compliance gaps, and emerging threats.
• To mitigate risks, I develop strategic security measures, including automated policy enforcement, network segmentation, and threat modeling. Additionally, I collaborate with teams to implement proactive security controls, ensuring resilience against evolving cyber threats.
• Oversee the deployment, configuration, and management of security tools such as Wiz, Prisma Cloud, and others to ensure they are effectively protecting the environment. Keep abreast of the latest security threats, technologies, and industry trends, and apply this knowledge to improve security measures.
• Oversee the deployment, configuration, and management of security tools such as Wiz, Prisma Cloud, and other cloud security platforms to ensure comprehensive protection of the environment. This includes fine-tuning security policies, integrating automation for continuous monitoring, and optimizing tool effectiveness.
• Stay updated on emerging threats, evolving attack techniques, and industry best practices, applying this knowledge to enhance security measures. By continuously refining security configurations and adopting new technologies, I strengthen the organization's overall security posture.
• Maintain detailed documentation of security processes, incidents, and configurations to ensure clarity and continuity in security operations. Deep understanding of cloud security best practices and architectures for Azure and AWS.
• I maintain comprehensive documentation of security processes, incidents, and configurations to ensure clarity, compliance, and operational continuity. This includes tracking security incidents, documenting response actions, and updating security policies for future reference.
• With a deep understanding of cloud security best practices for Azure and AWS, I ensure security architectures align with industry standards. By maintaining well-documented configurations and security controls, I support efficient troubleshooting, audits, and continuous security improvement.
• Proficiency in using security tools such as Wiz, Prisma Cloud, Jira, ServiceNow, and Confluence.
• Wiz: Skilled in using Wiz for cloud security risk management, vulnerability scanning, and threat detection across cloud environments, including Kubernetes and containers.
• Prisma Cloud: Experienced in leveraging Prisma Cloud for cloud security posture management, container security, vulnerability scanning, and compliance monitoring in multi-cloud environments.
• Jira: Proficient in using Jira for agile project management, issue tracking, and prioritizing security tasks to ensure timely resolution of vulnerabilities.
• ServiceNow: Expertise in automating ITSM workflows for security incidents, managing escalations, and integrating with other tools for efficient threat response.
• Confluence: Skilled in documenting security policies, process flows, and best practices, ensuring clear communication and collaboration across teams.
• Strong knowledge of networking protocols, topologies, and security concepts. Meticulous attention to detail to ensure accuracy and completeness in security assessments and reporting.
• Strong understanding of networking protocols (e.g., TCP/IP, DNS, HTTP/S), topologies (e.g., LAN, WAN, VPN), and security concepts (e.g., firewalls, IDS/IPS, encryption). Detail-oriented in performing comprehensive security assessments, ensuring accuracy in identifying vulnerabilities, and providing clear, actionable reporting for effective risk mitigation and compliance.
• Real-time troubleshooting of complex and sensitive network issues, including but not limited to complete loss of network connectivity, for enterprise customers such as financial organizations, service providers, universities, and US government organizations via support tunnel.
• Proficient in diagnosing and resolving complex, time-sensitive network issues, including complete network connectivity loss, across various environments. Experienced in supporting enterprise customers such as financial institutions, service providers, universities, and U.S. government agencies through secure support tunnels. Able to troubleshoot and resolve critical issues swiftly while minimizing service disruption and ensuring continuity of operations.
• Configure masquerading and domain mapping.
• Skilled in configuring network masquerading (NAT) so that internal hosts can communicate with external networks behind a shared public address (NAT by itself is not an access control; firewall filtering rules still determine what traffic is permitted). Experienced in setting up domain mapping for correct redirection and DNS resolution, ensuring efficient traffic management and reliable name resolution.
• Configure, disable, or refine policy implementation as per client approval and requirements. Share log analysis for critical incidents with clients. DNS (Domain Name System) configuration and management is necessary for setting up DMARC records.
• Proficient in configuring, disabling, or refining security policies in alignment with client approval and tailored requirements to ensure compliance and operational efficiency. Skilled in providing detailed log analysis for critical incidents, offering clients clear insights and actionable recommendations for swift issue resolution. Experienced in DNS configuration and management, including setting up and maintaining DMARC records (together with the SPF and DKIM records DMARC relies on) to strengthen email security, reduce domain spoofing and phishing, and ensure proper domain authentication.
• Analytical Skills: Ability to analyze DMARC reports and interpret the data to identify sources of email abuse, spoofing attempts, and compliance issues.
• Strong ability to analyze and interpret DMARC (Domain-based Message Authentication, Reporting & Conformance) aggregate and forensic reports to identify sources of email abuse, spoofing attempts, and non-compliance with security standards. Proficient in extracting actionable insights from DMARC data to improve email security, mitigate risks, and ensure proper domain authentication and alignment. Skilled in identifying patterns, troubleshooting issues, and recommending improvements to enhance overall email system security.
• Email security and Cisco Advanced Malware Protection (AMP) for Endpoints console integration. Troubleshoot issues related to ASA firewalls.
• Experienced in integrating email security solutions with Cisco Advanced Malware Protection (AMP) for Endpoints, enhancing threat detection and prevention across endpoints and email systems. Skilled in configuring and managing Cisco AMP to detect, block, and remediate advanced malware threats. Proficient in troubleshooting and resolving issues related to ASA firewalls, ensuring secure network traffic and maintaining the integrity of network perimeters.
A Bachelor's degree in Computer Science, Computer Engineering, or Information Technology is required.
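The DMARC items above cover two separate tasks: publishing the DNS record and reading the aggregate reports that receivers send back. The following Python script is an added example, not part of the original posting or of any tool it names. It parses a constructed RFC 7489 aggregate (RUA) report, separates sources that pass DMARC alignment from those that do not, explains each failure (an unaligned third-party sender versus an outright authentication failure), and checks a published DMARC TXT record for settings that leave the domain spoofable. The report contents, IP addresses (RFC 5737 documentation ranges), domains, and function names are all constructed for the example.

```python
"""Parse a DMARC aggregate (RUA) report, flag sending sources that fail DMARC
alignment, and check the published DMARC TXT record for weak settings."""
import xml.etree.ElementTree as ET

# Constructed sample aggregate report in the RFC 7489 XML format. IP addresses are
# RFC 5737 documentation ranges and the domains are reserved; none is real traffic.
SAMPLE_REPORT = """<?xml version="1.0"?>
<feedback>
 <report_metadata><org_name>receiver.invalid</org_name><report_id>1</report_id></report_metadata>
 <policy_published><domain>example.com</domain><p>quarantine</p><adkim>r</adkim><aspf>r</aspf></policy_published>
 <record>
  <row><source_ip>198.51.100.10</source_ip><count>120</count>
   <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row>
  <identifiers><header_from>example.com</header_from></identifiers>
  <auth_results><dkim><domain>example.com</domain><result>pass</result></dkim>
   <spf><domain>example.com</domain><result>pass</result></spf></auth_results>
 </record>
 <record>
  <row><source_ip>203.0.113.7</source_ip><count>35</count>
   <policy_evaluated><disposition>quarantine</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row>
  <identifiers><header_from>example.com</header_from></identifiers>
  <auth_results><spf><domain>bulk-mailer.invalid</domain><result>pass</result></spf></auth_results>
 </record>
 <record>
  <row><source_ip>192.0.2.44</source_ip><count>8</count>
   <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>pass</spf></policy_evaluated></row>
  <identifiers><header_from>example.com</header_from></identifiers>
  <auth_results><dkim><domain>example.com</domain><result>fail</result></dkim>
   <spf><domain>example.com</domain><result>pass</result></spf></auth_results>
 </record>
</feedback>
"""

def parse_report(xml_text):
    """Return (policy domain, per-source rows) from an aggregate report."""
    root = ET.fromstring(xml_text)
    rows = []
    for rec in root.findall("record"):
        row = rec.find("row")
        evaluated = row.find("policy_evaluated")  # receiver's *aligned* DKIM/SPF verdicts
        rows.append({
            "source_ip": row.findtext("source_ip"), "count": int(row.findtext("count")),
            "disposition": evaluated.findtext("disposition"),
            "dkim_aligned": evaluated.findtext("dkim"), "spf_aligned": evaluated.findtext("spf"),
            "header_from": rec.findtext("identifiers/header_from"),
            # raw SPF result, before alignment with the From domain is applied
            "spf_domain": rec.findtext("auth_results/spf/domain"),
            "spf_result": rec.findtext("auth_results/spf/result"),
        })
    return root.findtext("policy_published/domain"), rows

def dmarc_pass(row):
    """DMARC passes when at least one aligned identifier (DKIM or SPF) passes."""
    return row["dkim_aligned"] == "pass" or row["spf_aligned"] == "pass"

def explain_failure(row):
    """Distinguish an unaligned third-party sender from an outright authentication failure."""
    if row["spf_result"] == "pass" and row["spf_domain"] != row["header_from"]:
        return f"SPF passed for {row['spf_domain']} but is not aligned with {row['header_from']}"
    return "neither DKIM nor SPF passed in alignment with the From domain"

def summarize(xml_text):
    """Aggregate pass/fail volumes and list the failing sources with a reason each."""
    domain, rows = parse_report(xml_text)
    total = sum(r["count"] for r in rows)
    passed = sum(r["count"] for r in rows if dmarc_pass(r))
    failing = [{"source_ip": r["source_ip"], "count": r["count"],
                "disposition": r["disposition"], "reason": explain_failure(r)}
               for r in rows if not dmarc_pass(r)]
    return {"domain": domain, "total": total, "passed": passed,
            "failed": total - passed, "failing_sources": failing}

def parse_dmarc_txt(record):
    """Parse a DMARC TXT record such as "v=DMARC1; p=reject; rua=mailto:..." into tags."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = value.strip()
    return tags

def policy_warnings(record):
    """Flag settings that leave the domain spoofable even though a record exists."""
    tags = parse_dmarc_txt(record)
    warnings = []
    if tags.get("p", "none") == "none":
        warnings.append("p=none only monitors; spoofed mail is still delivered")
    if "rua" not in tags:
        warnings.append("no rua= address, so aggregate reports like the one above never arrive")
    if tags.get("pct", "100") != "100":
        warnings.append(f"pct={tags['pct']} applies the policy to only part of the mail stream")
    return warnings

if __name__ == "__main__":
    result = summarize(SAMPLE_REPORT)
    print(f"{result['domain']}: {result['passed']}/{result['total']} messages passed DMARC")
    for f in result["failing_sources"]:
        print(f"  {f['source_ip']} ({f['count']} msgs, {f['disposition']}): {f['reason']}")
    print(policy_warnings("v=DMARC1; p=none; pct=50"))
```

In the sample, 192.0.2.44 fails DKIM but still passes DMARC because its SPF result is aligned, which is why the analysis must use the receiver's aligned verdicts in `policy_evaluated` rather than the raw results. 203.0.113.7 is the case worth investigating: SPF passed for `bulk-mailer.invalid`, so the mail is authenticated, but for a different domain than the one in the From header; that pattern is either a legitimate third-party sender that needs to be brought into alignment or a spoofer using their own infrastructure. Real reports arrive as compressed attachments to the `rua=` address and should be aggregated across receivers and days before acting on them.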