Job Opportunity: Information Security Analyst

Job Opportunity: Information Security Analyst

Location: Pune, Maharashtra
Company: Cotiviti
Job Type: Full-time

Cotiviti is on a mission to build a robust security infrastructure that proactively detects, mitigates, and prevents cyber threats, ensuring the safety and resilience of our information systems. We are actively seeking a dedicated and skilled Information Security Analyst with 3-6 years of experience in the Information Security domain. This is a fantastic opportunity to play a key role in protecting our organization from evolving cyber threats and enhancing the overall security posture of our systems.

Key Responsibilities

As an Information Security Analyst at Cotiviti, your responsibilities will be multifaceted, ensuring the organization’s information assets are secure and that any potential cyber threats are handled swiftly and effectively. Your primary responsibilities will include:

1. Managing Escalated Security Incidents: Take charge of escalated security incidents, promptly addressing and responding to potential threats. Utilize your expertise to conduct effective event management and monitor ongoing security issues, ensuring timely incident resolution.
2. Real-time and Post-mortem Incident Analysis: Play a vital role in conducting both real-time and post-incident analysis. Your work in this area will be crucial for identifying root causes and implementing remediation strategies to prevent future incidents.
3. Forensic Investigations and Root Cause Analysis: Use your forensic analysis skills to investigate and document incidents comprehensively. Conduct root cause analysis to understand vulnerabilities and close security gaps within our systems, ultimately preventing repeat occurrences.
4. Detection Rule Development and Optimization: Constantly refine and develop detection rules in our suite of security tools. This will ensure we stay ahead of evolving threats and have effective security measures that are proactive, not reactive. Your insights will help improve the accuracy of alerts and reduce the volume of false positives.
5. Documenting and Notifying Contacts of Security Events: Communication is key to a secure environment. Document all security events meticulously and notify relevant stakeholders and departments. Your role is essential in ensuring transparent communication across the organization regarding potential or active security incidents.
6. Participation in 24×7 Shift Rotation: This role requires you to participate in a 24×7 shift rotation, ensuring that we have continuous, around-the-clock coverage for incident response. Flexibility and commitment to availability are essential in this dynamic field.
7. Collaborative Improvement of Alert Systems: Work closely with internal teams to analyze and enhance alert mechanisms, ensuring accuracy in alerting and reducing unnecessary false positives. This collaboration will improve the overall security efficiency and response within the organization.
8. Threat Hunting and Analysis: Engage in proactive, hypothesis-based threat hunting exercises. You will analyze existing data to identify active threat groups and their tactics, techniques, and procedures (TTPs). This is a forward-looking approach designed to identify emerging threats and respond quickly.
9. Analytical Support for Complex Security Incidents: Provide advanced analytical support in responding to and managing complex security incidents. Brief key stakeholders on any ongoing cyber threats and incident statuses, keeping them informed and involved in critical response decisions.
10. Log Data and Network Traffic Analysis: One of your key technical responsibilities will be analyzing log data and network traffic, crucial for detecting active and potential threats. Maintain and update a comprehensive threat model, assessing the organization’s exposure to potential threats continually.

Required Skills

The role of Information Security Analyst demands a high level of technical expertise and relevant experience in various aspects of information security. The required skills include:

• Network Security: Solid understanding of network security principles, tools, and technologies to protect Cotiviti’s digital assets.
• Incident Management and Response: Demonstrable experience in incident management, allowing you to respond swiftly and effectively to security breaches.
• Endpoint Security: Experience in monitoring and managing endpoint security, ensuring vulnerabilities at the user level are minimized.
• Forensic Analysis: Ability to conduct forensic analysis as part of incident investigations, utilizing appropriate tools to identify the root cause of incidents.
• Vulnerability Assessment: Experience in identifying and assessing vulnerabilities in our systems to ensure all potential risks are mitigated.
• SIEM Rule Writing: Proficiency in writing SIEM (Security Information and Event Management) rules to automate and refine alerting processes, ensuring accuracy and efficiency.
• Cyber Attack Methodologies (MITRE): Knowledge of the MITRE ATT&CK framework and an understanding of common cyber attack methodologies to stay ahead of potential threats.
• Offensive Security Tools (Metasploit, OSINT): Experience using offensive security tools like Metasploit and OSINT (Open Source Intelligence) to simulate attacks and identify security weaknesses proactively.

Preferred Certifications

To excel in this role, having relevant certifications will be advantageous. Preferred certifications include:

• Certified Ethical Hacker (CEH): Validates skills in detecting vulnerabilities and identifying potential threats.
• Computer Hacking Forensic Investigator (CHFI): Provides the ability to conduct forensic investigations effectively.
• CompTIA Cybersecurity Analyst (CySA+): Demonstrates expertise in identifying and managing threats, securing network traffic, and implementing necessary security measures.

These certifications signify your commitment to maintaining and elevating your cybersecurity knowledge and skill set, equipping you to tackle advanced security challenges.

Why Join Us?

By joining Cotiviti as an Information Security Analyst, you will be part of a team dedicated to cybersecurity and protecting sensitive data. You will have the opportunity to work on challenging projects and gain experience in an ever-evolving field. If you’re passionate about information security and ready to tackle exciting challenges, we encourage you to apply.

Take this opportunity to advance your career in a dynamic and supportive work environment. Join us, and let’s work together to create a secure future!

Application Instructions:
To apply for this role, send your resume and cover letter to dinesh.kamalapuram@cotiviti.com. We look forward to welcoming you to the Cotiviti family.