Security Event Analyst - Hyderabad - Salesforce
Salesforce as the company that open the jobs vacancy, have some qualification and spesification especially for the Security Event Analyst jobs vacancy. To find out more information and about qualification and spesification details, walkin interview schedule, the address of the company, the company contact info (email/phone number) of Salesforce company, please start to apply for the job vacancy with fill the jobs application with click the 'Apply This Job' button below.
Job Specification - Security Event Analyst (24/7)
Salesforce – the leader in enterprise cloud computing and one of the top 10 places to work according to Fortune magazine – is seeking Security Event Analysts to join an exciting new team in our world-leading security programme.
The Security Event Analyst will be part of the monitoring and triage arm of Salesforce Security, responsible for analysing events across a large and complex environment in order to identify security incidents and protect our customers.
Security Event Analysts use their exceptional judgment and security expertise to distinguish truly interesting events from "noise". In a typical hour, an analyst might examine a malicious email, investigate an unusual login, and analyse a PC with a potential malware issue. Between these events, they will interact with Salesforce colleagues around the world, who contact Security Event Analysts with issues ranging from missing laptops to suspicious devices found in our offices.
A successful Security Event Analyst will have acute attention to detail, a healthy dose of paranoia and a logical approach to analysis and problem solving. This role also needs exceptional communication skills (verbal and written), and an ability quickly understand complex information while recognising familiar elements within complex situations.
This position is based in our brand new facility in Hyderabad, India. As a 24/7 team, Security Event Analysts work shifts which include nights and weekends. The role is a key part of our global information security team, involving daily interaction with the Salesforce CSIRT and other security teams, which means fluent English is essential.
Required Skills & Experience
Strong interest in information security, including awareness of current threats and security best practices
Familiarity with system administration and security controls on Microsoft Windows and Linux
Experience investigating security issues and / or complex operational issues on Windows and Linux
Knowledge of email security threats and security controls, including experience analysing email headers
Strong technical understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, and SMTP
Experience analysing network traffic using tools such as Wireshark, either to investigate security issues or complex operational issues
Experience reviewing system and application logs (e.g., web or mail server logs), either to investigate security issues or complex operational issues
Desired Skills & Experience
The following items are not hard requirements but would be an advantage:
At least one year of experience in a dedicated Information Security role, or a relevant specialist degree (e.g., information security or digital forensics)
Relevant information security certifications such as GCIH, GCIA, CEH, GSEC, SSCP, or CISSP
Familiarity with system administration in a Windows Domain / Active Directory environment.
Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.
Experience with operational security monitoring or security incident response, preferably within a Security Operations Centre (SOC) or incident response team
Familiarity with system administration and security controls on MacOS
Experience coordinating incident response, troubleshooting, or other complex issues across a global organisation
Familiarity with Salesforce Sales Cloud (CRM) or Service Cloud
Experience with SIEM systems such as Splunk, AlienVault, QRadar, ArcSight or similar
Active involvement in the information security community
#LI - MH