[Remote] Security Analyst

Note: The job is a remote job and is open to candidates in USA. Cognizant Corporate is a global community united by a shared purpose to make a meaningful impact. The Security Analyst role involves monitoring logs and conducting detection and response activities to ensure security within the Health Care Security Operations Center, focusing on protecting integrated businesses and responding to threats.

Responsibilities

• Monitors various log sources from tools and applications such as Endpoint Detection and Response (EDR) logs, Intrusion Prevention/Detection Systems (IPS/IDS), firewall logs, Windows logs, Linux operating system logs, etc
• Analyze true positive incidents and provide detailed analysis comments for respective support / business functions to take corrective / remedial / compensatory actions
• Escalate high or critical incidents or complex security alerts to Senior Security Analysts
• Monitor Data Loss Prevention alerts and respond to associated events as appropriate
• Track and update security incidents over the course of the incident lifecycle
• Participate in reviewing, validating, and continuously evaluating the efficacy of logs for quality and relevance
• Documentation of log event types
• Updating new log event types
• Mapping existing and new use cases to log source types
• Recommending new use cases, as appropriate
• Prepare documents and reports as requested
• Attend meetings and training as required
• Participate in knowledge sharing sessions
• Recommend documentation improvements
• This is a 2nd shift position (12pm-8pm EST)

Skills

• 1 or more years of Security Operations Center experience
• Some IT exposure (certification, self-learning, or job experience)
• Industry standard security certification (i.e., Security+, CeH, CCNA, or other entry-level security certifications)
• Additional certifications will be reviewed by management
• Communication skills (i.e., provide reports to management, escalate issues, etc.)
• Bachelor's degree in computer science, information security, or a related field
• Experience in SIEM software and EDR tools
• Well versed in log analysis on various log sources from Next-Gen firewalls, Domain Controllers, Linux operations systems, Anti-Virus logs, EDR/XDR, IPS/IDS, router and switch logs, etc
• Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with other members
• Experience in Threat hunting, log integration, and incident case management
• Preferred 1-2 years of Security Operations Center experience
• Preferred 1-2 years of general IT support experience
• Any experience with networking or scripting/programming is a plus

Benefits

• Medical/Dental/Vision/Life Insurance
• Paid holidays plus Paid Time Off
• 401(k) plan and contributions
• Long-term/Short-term Disability
• Paid Parental Leave
• Employee Stock Purchase Plan

Company Overview

Company H1B Sponsorship