Lead Consultant

Date Opened: Nov 20, 2021

Location: IN

Company: Allstate Insurance Company

Job Description

The Global Fusion Center - Incident Handling Level I Analyst is responsible for monitoring multiple security technologies and alert systems to engage in the detection and remediation of potential security events and incidents. The analyst will follow detailed operational processes and procedures to appropriately analyze and escalate, assist in the creation of cases and basic investigations, and contribute to the enhancement of Fusion Center processes.

Job Responsibilities

The ideal candidate should have 3+ years of security-related experience in areas such as intrusion detection, incident response/handling, and 24/7 SOC operations.
In addition, the ideal candidate must have the following knowledge / experience:

  • Knowledge of security incident and event management, log analysis, network traffic analysis, malware investigation and remediation, SIEM correlation logic and alert generation.
  • Demonstrated ability to analyze, triage and remediate security incidents.
  • Understanding of Cybersecurity principles, techniques and technologies such as SANS Top 20 critical security controls and OWASP top 10.
  • Knowledge of SIEM solutions such as RSA Security Analytics, ArcSight, LogRhythm, QRadar, Splunk or similar.
  • Must be able to manage multiple priorities simultaneously.
  • Moderate knowledge of networking fundamentals (TCP/IP, network layers, etc.).
  • Moderate knowledge of malware operation and indicators.
  • Moderate knowledge of the current threat landscape (threat actors, APT, cyber-crime, etc.).
  • Moderate knowledge of security-related technologies and their functions (IDS, IPS, EDR, IRP, FW, WAF, SIEM, etc.).
  • Moderate protocol analysis experience (Wireshark, Gigastor, NetWitness, etc.).
  • Programming skills in various disciplines, including scripting languages, are an added advantage.

Primary Skills

  • Cybersecurity Incident Handling / SOC
  • SIEM log analysis - Investigating security incidents using logs
  • Timeline analysis using SIEM logs
  • Analyzing security incidents from endpoints, email gateway, network and perimeter controls

Experience

2-3 years of information security-related experience in areas such as: security operations, incident analysis, incident handling, vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.

Shift Timing

6:30am to 3:30pm IST

2:30pm to 11:30pm IST