Information/Cyber Security Analyst

Responsibilities:

• You will play a key role in the design and development of applications, including application security assessment, vulnerability assessment, penetration testing and source code review. 
• You will track the centralised log monitoring (SIEM) solution and monitor security feeds streaming from various sources, investigate intrusion attempts and perform in-depth analysis of exploits, indicators of compromise and other possible alerts generated by the SIEM tool. 
• You analyse a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident, event analysis and must possess knowledge of operating systems, TCP/IP networking, network attacks, attack signatures, defence countermeasures, vulnerability management, and log analysis.
• You will review and maintain network security on Zeotap and client VPCs, and suggest new security detection & protection solutions and tools to the Head of InfoSec.
• You explore and operationalise new security tools and technology at Zeotap.
• You conduct proactive threat research and offensive analysisYou actively participate in internal InfoSec compliance activities.
• You analyse the vulnerabilities reported by independent security researchers via Zeotap’s vulnerability disclosure program
• You adhere to zeotap’s company, privacy and information security policies and procedures
• You complete all the awareness training assigned on time

Requirements:

• 6 months - 2 years of experience in performing Security and Network Operations activities
• Good understanding of application security frameworks, vulnerability assessments and penetration testing (OWASP, SANS, PTES etc.)
• Theoretical knowledge about Security Operations Centre (SOC), SIEM monitoring tools- log analysis, packet analysis and packet capture tools, TCP/IP networking, and reverse engineering.
• Basic understanding of common databases and web technologies.
• Good understanding of cloud security.
• Knowledge on security testing tools like burp, nessus, metasploit.
• Solid knowledge of computer networks and common protocols: TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS, HTTP, and etc.
• Proficiency in one or more programming/scripting languages (Python, Go, C/C++).
• In-depth technical knowledge of Linux Operating Systems.
•