Security Operations Analysts
About Cognizant Corporate Cognizant Corporate is a global community united by a shared purpose: to make a meaningful impact. We are committed to excellence and driven by outcomes that matter. Collaboration is at the heart of how we work, and our forward-thinking mindset fuels continuous learning, innovation, and growth. At Cognizant, careers transcend titles. We empower our people to think strategically, inspire others, and lead with purpose - always guided by our core values. Join us in shaping future of business. Could you be the one to make a difference? Security Operations Analyst This position will be primarily responsible for maintaining an operating environment consisting of security technologies. You will work closely with other team members to continuously improve visibility, detect and prevent threats, and provide reporting data to protect Belcan Customer IP, Belcan Employee data, and to support both IT and Regulatory Initiatives. Job Duties:
- Use Security Information and Event Monitoring and other native tools to monitor, respond to, and document security-related events on a 24x7 basis
- Detection, notification and escalation of appropriate security related events to the appropriate team
- Promptly respond to all security incidents and providing thorough post-event analysis
- Participate in incident response events
- Perform vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
- Proactively update documentation of systems, troubleshooting guides, policies and procedures
- Contribute to a knowledge-base of operational processes, troubleshooting, and problem resolution
- Participate in security tool tuning and improvement to minimize false positives and maximize detection and prevention of threats
- Maintain confidentially on all security matters
Qualifications:
- Strong troubleshooting skills
- Incident management and response experience
- Ability to perform TCP/IP Packet analysis
- Ability to analyze emails to detected phishing attempts
- Experience with SIEM and UEBA technologies
- Experience with Data Loss Prevention technology
- Experience with vulnerability management
- Experience with antivirus/antimalware remediation technology
- Understanding of networking concepts, such as firewall administration, VPN & Access Control, Routing and switching
- Windows system administration experience (both physical and virtual)
- Strong written and verbal communication skills
- Ability to multi-task across multiple technologies and work both independently and in a team environment
- US citizenship is required
Desired Skills:
- Understanding of
MITRE ATT&CK framework
- Experience working with a SOAR platform
- Experience with Intrusion Detection and Prevention technologies
- Experience with network monitoring tools
- Scripting experience with Python
- Experience working in
Unix/Linux Education:
- Bachelor's degree in Information Technology preferred
- Industry security certifications (Security+, GSEC, CySA+, etc.
) Work model We believe hybrid work is the way forward as we strive to provide flexibility wherever possible. Based on this role's business requirements, this is a hybrid position requiring 3 days a week in our office in Blue Ash, Ohio. Regardless of your working arrangement, we are here to support a healthy work-life balance though our various wellbeing programs. The working arrangements for this role are accurate as of the date of posting. This may change based on the project you're engaged in, as well as business and client requirements. Rest assured; we will always be clear about role expectations. We're excited to meet people who share our mission and can make an impact in a variety of ways. Don't hesitate to apply, even if you only meet the minimum requirements listed. Think about your transferable experiences and unique skills that make you stand out as someone who can bring new and exciting things to this role. Apply tot his job Apply To this Job