Cybersecurity Incident Senior Analyst

Apply
  • Location:
    Shanghai, China
  • Area of Interest
    Security
  • Job Type
    Professional
  • Technology Interest
    Security
  • Job Id
    1432792


RESPONSIBILITIES

The candidate is responsible to analyze and detect security events in monitoring reports generated using various data sources. Use correlation techniques effectively to determine true infections vs false positives.

This role involves extensive interaction with other teams in CSIRT to improve network security tools to support CSIRT's security monitoring and incident response services with in and closely with Cisco's new security operations center.

Assist with setup and tune multiple security monitoring products and data feeds.

Assist in development of documented process for incident and alert handling

In addition, this candidate will be accountable for the following:

• Escalate to CSIRT investigators and external support teams to assist in analysis and event resolution.

• Document cases, procedures, analysis, and investigations accurately and thoroughly (including best-practice documentation).

• Inform higher-level priorities, improvements and problem resolutions to improve effectiveness of CSCO, CSIRT, InfoSec, and CSPO.

• Constructively challenge and improve existing tools, processes and procedures.

• Assist CSIRT with testing, deployment and continued enhancement of Cisco's security tools.

• Provide information security awareness training to new hires. 

• Watch and identify the emerging threats globally. Tune the configuration of monitoring products to catch the possible attack to Cisco.


EXPERIENCE/ SKILLS REQUIRED

The right candidate will have about 8 to 10 years relevant experience in one or more of the following fields:

Network administration, TCP/IP knowledge and application in securing systems, investigating security incidents.

Experience on Cloud platform (AWS)

Demonstrate clear experience with UNIX/Windows operating systems

IT security with a focus on computer incident response, malicious code/exploits, anti-virus, etc.

Knowledge of SIEM tools (preferably Splunk)

Scripting skills (BASH, Python, PERL)

Familiar with Windows exploits, malware and malicious code trends

Demonstrate good customer service, communications using English, and troubleshooting skills.

Demonstrate interest and knowledge in learning of security trends and malware analysis.

Fluent in English. Good communication and presentation skills. (China) 


QUALIFICATION

Degree in BS or equivalent. MS is a plus

Certifications

CCNA, RHCE, MCSE, CISSP (will be a plus)

Message to applicants applying to work in the U.S. and/or Canada:

When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. and/or Canada locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. or Canada hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process.

U.S. employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings.

Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday (for non-exempt employees), plus a day off for their birthday. Non-Exempt new hires accrue up to 16 days of vacation time off each year, at a rate of 4.92 hours per pay period. Exempt new hires participate in Cisco’s flexible Vacation Time Off policy, which does not place a defined limit on how much vacation time eligible employees may use, but is subject to availability and some business limitations. All new hires are eligible for Sick Time Off subject to Cisco’s Sick Time Off Policy and will have eighty (80) hours of sick time off provided on their hire date and on January 1st of each year thereafter.  Up to 80 hours of unused sick time will be carried forward from one calendar year to the next such that the maximum number of sick time hours an employee may have available is 160 hours. Employees in Illinois have a unique time off program designed specifically with local requirements in mind. All employees also have access to paid time away to deal with critical or emergency issues. We offer additional paid time to volunteer and give back to the community.

Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco typically pays as follows:

.75% of incentive target for each 1% of revenue attainment up to 50% of quota;

1.5% of incentive target for each 1% of attainment between 50% and 75%;

1% of incentive target for each 1% of attainment between 75% and 100%; and once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.

For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.

Share

Apply