Incident Response Analyst

Job Description Role: Product Security Incident Response Analyst About the position:We are looking for an Analyst on the Product Security Incident Response team (PSIRT). This position will focus on various product security incidents reported from stakeholders including customers, bug hunters, security researchers and other security organizations. In addition, this role will be responsible for improving operational security in APIs using API Security Framework by deploying, monitoring and triaging various items reported. Responsibilities include:

• Review security issues reported in products by customers, bug hunters, security researchers, triage and help Engineering teams to mitigate those security issues
• Track the security issues reported as PSIRTs from various stakeholders to closure and support in publishing advisories and customer communications
• Create test cases, threats and abuses for various teams from PSIRT findings and help Product security, Red team and QE teams to embed them in their processes
• Create guidelines and best practices for Engineering teams based on recommendations for mitigating PSIRT issues
• Asist in deploying API security solution in in FEDRAMP High environment for monitoring abuses around APIs
• Assist on automation using Ansible/Salt stack to build deployment pipeline for API security solution on K8s and VM based environments
• Help in achieving membership with various PSIRT organizations such as FIRST.ORG and other CERT orgs.
• Automate security tasks using scripting languages such as python.
• Partner with internal teams to help on security incidents to contain, triage and remediate those incidents.
• Support teams by being a Remediation Champion giving them guidance on various strategies to remediate a vulnerability and supporting them in their testing and validation efforts.
• Understand and promote CWE, CVSS, CVE, and additional vulnerability ratings and methodologies

• Experience 1 to 3 Yrs in Security
• Should possess relevant university degree and/or professional qualifications/certification (e.g. CEH, OSCP)
• Must have knowledge with tools NMAP, Burp, Binary analysis tools such as Ida pro, Binwalk etc and other tools such as Tenable, Qualys etc.
• Must have the ability to understand new technologies adopted and products and applications being developed.
• Must have understanding of OWASP Top 10 security flaws for web, mobile and API and how to test, triage and mitigate them.
• Must have sound understanding of SANS Top 25 and on the cusp 40 + OWASP CWEs.
• Must have an understanding of SIEM tools such as Sumo logic.
• Must have knowledge and understanding on security best practices, standards and guidelines for various technologies including containers, Hardware, IoT etc.
• Should have knowledge on automation frameworks such as Ansible or Salt Stack.
• Knowledge of Cloud Applications like AWS, Azure and other SAAS Applications
• Excellent written and verbal communication skills.
• Self-motivated, curious, knowledgeable pertaining to news and current events.
• Ability to be effective in a remote global work environment