Exciting,
Energetic,
Enterprising
and
Evolutionary

Security Analyst

Security Analyst

Job title                : Security Analyst

Location               : Bangalore

Experience         : 2+ years

 

Role

We are on the lookout for a talented individual who is passionate about Incident Analysis & Signature Development to work on our Web Security products. The individual will be joining a team with a proven track record in Bangalore India and be a part of our IndusGuard Suite of Products Unit. Primary focus of this role is to analyse attack incidents, root cause analysis of customer escalations and develop necessary Scanner & WAF signatures fixes, delivered to customers regularly.

 

Job Description

  • Single point of contact for customer escalations, incident analysis
  • Create customer specific signatures/WAF rules for Indusface WAS & WAF products to detect & protect from Web application vulnerabilities.
  • Reproducing vulnerabilities to understand the working of an exploit, etc. on need basis to verify existing WAS/WAF coverage.
  • Problem solving and troubleshooting skills are a must, as solutions to many problems might not be obvious.
  • Develop tools for the automation of security processes using Python, PERL, PowerShell, etc.
  • Collaborate with engineering teams to support/maintain/design backend applications and other operational platforms

 

Candidate Profile

2+ years of experience in the area of information security with strong understanding of security basics, network vulnerabilities and analysing/developing IPS/IDS/WAF signatures.

  • Good understanding of:
    • Firewalls, proxies, SIEM, antivirus, and IDPS concepts
    • Windows & Linux operating systems (REDHAT)
    • Network security, network layers (OSI Layer-3 and Layer-4)
    • Protocols like TCP/IP, DNS, HTTP, HTTPS, SSH etc.
    • Network Penetration testing and techniques
    • Identify and Analyse network vulnerabilities, Attack reproduction
    • Programming languages like C/C++, Java and Scripting language like Python, Perl, etc.
  • Hands-on experience in:
    • Web-app security  (SQL Injection, XSS, CSRF etc.), OWASP-10, SANS Top 25
    • Network analysis tools like tcpdump, Wireshark, Burpsuite
    • Crafting Regular Expressions, Verification & Validation
    • Vulnerability scanners, IDS/IPS, Application Firewall, VAPT tools: Metasploit, Nessus, etc.
    • Analysing existing or writing new POCs
  • Effective written and verbal communication skills.

 

Good to have

  • Developing security related tools / programs
  • Knowledge on Cloud infrastructure services
  • Virtualization software (VMWare , Virtual PC / Virtual Box , XEN , etc), VPNs
  • Knowledge on ModSecurity and Rule writing
  • Experience in any of Java, Test NG, Linux Scripting, shell scripting, Python, Perl

Experience/Knowledge in Amazon Web Services

Are YOU ready to get hired?