Security Operations Center Analyst
Description:
Responsibilities
Monitor, maintain, and analyze WAF (Web Application Firewall) and alerts on WAF (Web Application Firewall) and Web Traffic Logs on SIEM tool, identify the potential threats / intruders behaviors and take quick steps to block the suspicious attempts.
Managing and monitoring web application rules and policies across the enterprise.
Work with Security teams to tune control systems to best meet the need of the business.
Managing the day to day governance of the enterprise web application firewalls, database firewall, and other security controls which includes configuration tuning, troubleshooting, as well as defining and executing escalation criteria.
Identify the different attack patterns for our websites and analyze the traffic by proposing new custom rules to block the suspicious traffic.
Conduct web application security scans, analyze results for false positives, prioritize vulnerabilities, and research and propose remediation steps.
Conduct routine log review of information security events, investigating and responding as necessary
Maintain and enhance monitoring capabilities to ensure the integrity of eClinicalWorks.
Act as a core member of the Incident Response Team, triaging, responding to and reporting incidents and associated metrics Administer and maintain security products (vulnerability management, web application firewall, SIEM, DLP)
Launch and track investigations to resolution, recognizes attacks based on their signatures.
Differentiate false positives from true intrusion attempts.
Document computer security policies, procedures and provide alternative solutions to requests that violate policies.
Understand the customer requirements and developed Security Policies to prevent attacks.
Actively investigate the latest in security vulnerabilities, advisories, incidents and notify concerned when appropriate.
Update the Knowledge base to effectively communicate information internally or customers. Adhere to policies, procedures, and security practices.
Other duties as assigned.
Requirements
Bachelors or Master’s Degree in Computer Science or Information Technology or a related field (such as BE, BTech, MTech, BCA, MCA, BSc IT, MSc IT).
Very good knowledge on HTTP, HTTPS, FTP protocols.
1 year of java experience.
Experience with Linux would be a plus.
Experience in information security space.
Experience with OWASP or NIST 800-64 a plus