Sr Soc Threat Analyst - Tier3

Technical Skills

 SIEM – Skills

 Create, modify, and tune the SIEM rules to adjust the specifications of alerts and incidents.

 Knowledge Integrating various log sources like Windows, Linux, Pala alto firewall , AWS, Etc.

 To provide continual correlation rule tuning, incident classification and prioritization recommendations.

 Report query adjustments, and various other SIEM configuration activities.

 Ability to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources.

 Work closely with the other teams related to Network, Device, Policy, connectivity issues etc.

 Identify new opportunities/threats in the network to improve the security of the network

 Monitor and administer enterprise log correlation (SIEM)

 Select, design, implement and manage security measures to reduce the risk of loss

VM – Skills

 Collecting, analyzing, interpreting, evaluating, and integrating vulnerability data from multiple sources to update existing product

 Vulnerability/exploit research and creating signatures for the same

 Handle Customer escalations, to identify False-Positive & False-Negative

 Actively investigate the latest in security vulnerabilities, advisories, incidents, and provide insights (sources like, Microsoft, Oracle, etc)

 Troubleshooting security vulnerability issues/ gaps that arise

 Vulnerability data discovery and validation (Data efficacy & Accuracy)

 Develop, test and modify custom scripts for vulnerability content

 Manually/Automate analyzing new CVE information published

 XDR - Skills

 Monitor and analyzing Threat hunting, Deep investing on Cortex XDR Alerts, Detection, Incidents.

Troubleshoot and Configure Prevention Policies, Custom IOA Rule Groups, Detections Management, Exclusions, IOC Management, Firewall Policies, Firewall Rule Groups, USB Device Policies, Response Policies, Response Scripts & Files, Containment Policy, Sensor Update Policies.

Should be able to check and utilize all Vulnerability feature in spotlight.

 PAM- Skills

 Perform daily tasks that include reconciliation of servers, daily health check of the PAM servers, run daily compliance reports, etc.

 Manage Privileged Session Management and associated policies.

 Create and manage Platforms, Policies and Safes for Privileged ID’s.

 Responsible for Privileged User account administration for various platforms including Windows, UNIX, LDAP, Databases.

 Manage Service Accounts, Non-Production Accounts, Test Accounts within the vaults.

Develop and maintain documentation for security systems and procedures.

Reporting and metrics

Management skills:

1. Analyse, investigate, lead and coordinate responses to complex, advanced security events and alerts, perform forensic analysis to understand extent of compromise by using respective tools.

2. Monitor, analyse security threats, vulnerabilities and trends by utilize threat intelligence to enhance detection and response capabilities.

3. Provide guidance, conduct trainings and support to level 1 and 2 SOC analysts

4. Collaborate, Assist with security engineers to deploy, develop, implement and manage security tools and architecture.

5. Work closely with IT and security teams to coordinate efforts

6. Identify opportunities for improving security processes and technology

7. Stay upto date on cybersecurity trends and threats.

8. documenting security incidents, responses and related information in accordance with procedures.

Zelis is modernizing the healthcare financial experience by providing a connected platform that bridges the gaps and aligns interests across payers, providers, and healthcare consumers. This platform serves more than 750 payers, including the top 5 national health plans, BCBS insurers, regional health plans, TPAs and self-insured employers, and millions of healthcare providers and consumers. Zelis sees across the system to identify, optimize, and solve problems holistically with technology built by healthcare experts – driving real, measurable results for clients.

Commitment to Diversity, Equity, Inclusion, and Belonging 
At Zelis, we champion diversity, equity, inclusion, and belonging in all aspects of our operations. We embrace the power of diversity and create an environment where people can bring their authentic and best selves to work. We know that a sense of belonging is key not only to your success at Zelis, but also to your ability to bring your best each day.

Equal Employment Opportunity  
Zelis is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. 

We encourage members of traditionally underrepresented communities to apply, even if you do not believe you 100% fit the qualifications of the position, including women, LGBTQIA people, people of color, and people with disabilities.  

Accessibility Support 

We are dedicated to ensuring our application process is accessible to all candidates. If you are a qualified individual with a disability or a disabled veteran and require a reasonable accommodation with any part of the application and/or interview process, please email TalentAcquisition@zelis.com.  

SCAM ALERT: There is an active nationwide employment scam which is now using Zelis to garner personal information or financial scams. This site is secure, and any applications made here are with our legitimate partner. If you’re contacted by a Zelis Recruiter, please ensure whomever is contacting you truly represents Zelis Healthcare. We will never asked for the exchange of any money or credit card details during the recruitment process. Please be aware of any suspicious email activity from people who could be pretending to be recruiters or senior professionals at Zelis.