Job Title:  Sr. Support Analyst

Job Code:  9330
Country:  IN
City:  Mumbai
Skill Category:  IT\Technology
Description: 

Nomura Overview:

Nomura is an Asia-headquartered financial services group with an integrated global network spanning over 30 countries. By connecting markets East and West, Nomura serves the needs of individuals, institutions, corporates and governments through its four business divisions: Retail, Asset Management, Wholesale (Global Markets and Investment Banking), and Merchant Banking. Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com

Nomura Services India (Powai) supports Nomura's businesses around the world. Powai's world-class capabilities in trading support, research, information technology, financial control, operations, risk management and legal support have played a key role in facilitating Nomura's global operations and are an integral part of Nomura's global expansion plans. The Powai operation is a critical part of the platform that supports the growth of Nomura's global business.

Division Overview:

The Global Information Security teams are responsible for the confidentiality, integrity and availability of the firm's information and assets. They are responsible for maintaining, communicating and raising awareness of the information security policy, and they facilitate effective implementation of, and compliance with, the firm's policies.

The Global Information Security Team is based in Europe, Asia, India and America.

 

Business Unit Overview:

The team's focus is to serve as the single point of contact for all information security related queries, concerns and technologies. It provides a high standard of user and business support in a responsive and timely manner across all businesses, and takes responsibility and ownership for maintaining the global strategy and controls for the delivery and operational deployment of global security initiatives, in a manner consistent with the common business goals and objectives.

Technologies Covered:

Endpoint and network security experience required: IDS, IPS, EDR, ATP, malware defences and monitoring experience

Threat hunting experience preferred

Knowledge of common adversary tactics and techniques, e.g. obfuscation, persistence, defense evasion, etc.

Knowledge of the MITRE ATT&CK framework preferred

Working knowledge of incident response procedures

Experience with SQL query construction preferred

Experience with osquery is a plus

Fundamental understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc.

Strong understanding of Windows event log analysis

Programming and scripting skills; proficient knowledge of PowerShell is a plus

Excellent troubleshooting and analytical thinking skills

Excellent understanding of malware techniques and malware analysis skills

Strong documentation and communication skills

Passion for all things information technology and information security

Natural curiosity and ability to learn new skills quickly

Skills & Experience:

At least 2+ years of experience within a cybersecurity incident L3 / advanced investigation environment; experience in a leadership role is preferred

Experience in a security operations centre, or similar environment, identifying indications of compromise or attack and responding to incidents

Position Specifications:

Corporate Title

Associate

Functional Title

Senior Support Analyst

Experience

5 - 8 years

Qualification

B.E / B.Tech / MCA / M.Tech

Requisition No

Role & Responsibilities:

  • 5+ years of demonstrated experience in performing technical analysis and enrichment of pertinent attacks, threats and their indicators
  • Sound knowledge of developing use cases in Elastic and EDR tooling based on the MITRE ATT&CK framework
  • Working knowledge of machine learning and user behaviour analytics as they apply to baselining normal activity to determine outliers and anomalous behaviours
  • Ability to manage complex security scenarios and develop innovative solutions to address the most recent cyber threats
  • Maintain supervision over operational tasks and provide day-to-day oversight for Incident Response Analysts and Incident Leads
  • Oversee analysts in their investigation and response activities when security incidents arise, to determine possible cause and resolution
  • Effectively communicate information to stakeholders at all levels
  • Demonstrated experience in network and host-based intrusion analysis, incident response processes and procedures, digital forensics and/or handling malware
  • Acting as a lead throughout incident scenarios and providing subject matter expertise in cybersecurity incident response
  • Successfully executing incident handling procedures as well as directing the response to cyber security incidents
  • Maintaining current knowledge of attacker tools, tactics and procedures to produce indicators of compromise (IOCs) that can be used during active and future investigations
  • Assessing cyber threat intelligence / open source intelligence and operationalizing that information
  • Demonstrated real-world, hands-on experience dealing with sophisticated malware and dynamic cyber threat actors
  • Identifying current and emerging threats and applying that research


Domain (Mandatory):

  • Mandatory hands-on experience with the domains / tools listed below (must have at least one): Elasticsearch (ELK) / Sqrrl / CrowdStrike / FireEye Mandiant HX / SOAR / Cloud Incident Response
  • Hands-on experience with Sysinternals / Sysmon
  • Hands-on experience with any malware analysis tool, such as Cuckoo, Cisco Threat Grid or ThreatConnect
  • Strong knowledge of cyber detection technologies (advanced threat detection tools, UEBA tools, network packet analysis, endpoint protection)
  • Should be able to investigate spam and malware samples
  • Certifications preferred: CISSP, CCSP, GCIH, GCFA

Mind Set (Desired):

  • Strong communication skills, ability to work comfortably with different regions
  • Actively participate within the internal project community
  • Good team player, able to work on a local, regional and global basis and as part of joint cross-location initiatives
  • Self-motivated, able to work independently and with a team
  • Able to perform under pressure