SOC/ VM Analyst - Information Security
Pune, Maharashtra
Applications have closed
Icertis
Icertis is the global leader in AI-powered contract intelligence. The Icertis platform revolutionizes contract lifecycle management, equipping customers with powerful AI automation and insights to grow revenue, control costs, mitigate risk, and...Who we are: Icertis is the only contract intelligence platform companies trust to keep them out in front, now and in the future. Our unwavering commitment to contract intelligence is grounded in our FORTE values—Fairness, Openness, Respect, Teamwork and Execution—which guide all our interactions with employees, customers, partners and stakeholders. Because in our mission to be the contract intelligence platform of the world, we believe how we get there is as important as the destination
Responsibilities:
- Integrated Security Operations – on a diverse estate with Defender for endpoints, MDI, CASB, M365 solutions. Ability to understand level 2, level 3 tickets and drive triage and remediation with participating teams
- Vulnerability Management – understand and articulate vulnerabilities across IT Operations, Cloud Operations and DevOps teams from various commercial/ open source best of breed tools.
- Security posture enhancement- ability to define prioritization (across application, infra, cloud platform vulnerabilities) and drive remediation approach, security posture enhancement leveraging Microsoft Security Scorecard
- Phishing simulation – Drive phishing simulation exercise on a periodic basis and program manage the lifecycle across tracking progress, communication, discussion with both IT and business teams for continuous improvements
- Attack surface management – understanding of an external vs internal attack surface management and an ability to carry out actions from ASM tools, reports
Skills:
- 7+ years of relevant experience & must have a bachelor’s in science or engineering degree with training in cyber security (preferred)
- Strong familiarity with cloud capabilities and products and services for Azure, and demonstrated expertise across Security Operations (level 2, level 3 ticket management) and Incident response.
- Vulnerability management – working knowledge on best of breed products in the commercial / open-source space for Vulnerability management (likes of Qualys, nessus, Burpsuite etc.) and an ability to configure dashboard with commercial or custom solutions within an Azure ecosystem
- Remediation, patch management- Understanding and articulation of vulnerability remediation across the above estate, with an ability to remain contextual and prioritize remediation for a given ecosystem (cloud, devops, etc.).
- Familiarity with security posture management scorecards and typical recommendations on continuous improvement (for an Azure enterprise)
- Communication skills: Ability to interact with a broad cross-section of personnel to explain and enforce security measures with a grounded understanding of CVE scores, asset criticality, prioritization, compensatory controls.
- Knowledge of scripting languages like PowerShell and Python for automation.
- Threat hunting – experience, exposure to the concept and custom handling of threat hunting scenarios.
- Compliance driven dashboards – an ability to configure and dashboard security posture for some of the leading Compliance standards impacting Information Security (such as NIST)
- Custom visualization expertise – in creating tailored dashboards, views specific to vulnerability management on Sentinel.
- Code review – articulation of recommendations in a dynamic product engineering environment for javascript based components (likes of nodejs), SQL programming (MS SQL), Elastic search (scripting, automation, index management) etc.
- Attack surface management – configuration and implementation of ASM tools
Icertis is not open to third party solicitation or resumes for our posted FTE positions. Resumes received from third party agencies that are unsolicited will be considered complimentary.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: ASM Automation Azure Burp Suite CASB Cloud Compliance DevOps Incident response JavaScript MSSQL Nessus NIST Node.js Open Source PowerShell Privacy Python Qualys Scripting Sentinel SOC SQL Vulnerabilities Vulnerability management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.