Cognitive Collective

Cyber Defense Analyst

Abnormal Security

Bengaluru, Karnataka, India · Sterling, VA, USA
Posted on Tuesday, June 11, 2024

About the Role

Abnormal Security is a leading cyber security organization committed to maintaining the highest standards of cybersecurity. We are seeking a trained Security Operations Center (SOC) Analyst to be a part of our security operations team. The ideal candidate will play a crucial role in enhancing our security posture, triaging security events, ensuring timely escalation of security incidents, and fostering a culture of learning.

What you will do

  • Perform comprehensive analyses of security events and refine investigation steps for the Cyber Defense team.
  • Follow standard operating procedures for security event analysis, triaging and documenting alerts to identify and validate potential incidents, false positives, policy violations, intrusion attempts, and compromises.
  • Escalate confirmed security incidents and facilitate efficient communication and response.
  • Apply technical expertise in Endpoint Detection and Response (EDR), Cloud Detection and Response (CDR), and SIEM technologies to enhance threat detection and response capabilities.
  • Play a key role in continuously refining security playbooks, ensuring they reflect the latest industry standards.
  • Analyze vulnerability data to assess applicability and prioritize remediation efforts.

Must Haves

  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience to meet job requirements and expectations.
  • Knowledge of EDR, CDR, and SIEM technologies.
  • Strong understanding of cloud security, particularly in AWS environments.
  • Familiarity with Kubernetes environments and associated security controls.
  • Excellent communication skills and the ability to collaborate across teams.
  • Knowledge of network protocols and concepts.

Nice to Haves

  • Relevant security certifications such as CISSP, CISM, GIAC, GCIH or equivalent.
  • 2+ years of experience in the security domain, including a detailed understanding of attacker techniques.
  • Knowledge of scripting languages (Python, Bash, PowerShell).