Cybersecurity Incident Senior Analyst jobs at Cisco in China, Shanghai

Threat Hunting Analyst:

CSIRT prefers a college graduate with IT technical experience in one or more of the following fields:

• Network, Systems (Windows or Unix) or Cloud administration (AWS/GCP/Azure)
• Enterprise Identity Management
• Web Application Development
• Security Operations Center incident handling/management/coordination
• SIEM technologies ideally Splunk
• Detection Engineering Pipeline (and the development of detection rules)
• Data Engineering Pipeline (and the onboarding of data for use for detections)
• Strong understanding of incident response, malicious code/exploits, anti-virus, etc.
• Understanding of computer forensics
• Automation Scripting (Python)
• Threat Intelligence
• Attack Surface Risk Management

QUALIFICATIONS

The successful candidate should have the following qualifications:

• Worked in a high pressure Global SOC environment handling incidents
• Familiar with Windows exploits, malware and malicious code trends
• Willing to work off-hours including rotational on-call shifts
• Demonstrate interest and knowledge of security trends and latest attacker activity
• Hands on experience with one or more areas of the following areas:
• IT Infrastructure services (DNS, Web Servers, Email, etc…)
• Networking
• Identity (Active Directory, Okta, Duo, Ping, Azure AD)
• Cloud Administration (AWS, Azure, Azure)
• Systems Administration (Linux, Windows)
• Familiar with Modern Cloud Applications and technology.
• Experience with SIEM tools e.g. Splunk and ideally Splunk Enterprise Security.
• Experienced ability to create SIEM Detection Rules based on latest Threats.
• Demonstrate good customer service, communications, and troubleshooting skills.

Degree in IT / CS / MIS / Information Security or equivalent operational experience. Post graduate degrees a plus.

RESPONSIBILITIES

The core responsibilities of the CSIRT analyst are:

Monitor and Respond to Security Alerts:

• Continuously monitor security alerts and incidents using Splunk and other security tools.
• Perform thorough analysis and investigation of security incidents to determine their scope and impact.
• Coordinate with other IT and security teams to remediate incidents effectively.

Develop and Implement Detection Strategies:

• Create and fine-tune Splunk detections to identify potential security threats and anomalies.
• Develop and maintain custom detection rules, alerts, and dashboards in Splunk.
• Ensure detections are comprehensive, accurate, and provide actionable intelligence.

Stay Ahead of Emerging Threats:

• Keep up-to-date with the latest cyber threats, attack vectors, and security trends.
• Develop and implement new detection techniques to address emerging threats.
• Conduct regular threat hunting activities to proactively identify potential vulnerabilities.

Technical Skills and Expertise:

• Utilize your broad technology skill set to address security challenges across various platforms, including modern cloud environments (e.g., AWS, Azure, Google Cloud).
• Apply your development skills to create automation scripts and tools to enhance SOC operations.
• Collaborate with IT and DevOps teams to ensure security is integrated into the development lifecycle.

In addition, the CSIRT Analyst will be accountable for the following:

• Escalate to CSIRT investigators and external support teams to assist in analysis and event resolution.
• Document cases, procedures, analysis, and investigations accurately and thoroughly (including best-practice documentation).
• Inform higher-level priorities, improvements and problem resolutions to improve effectiveness of Cisco CSIRT & InfoSec.
• Constructively challenge and improve existing tools, processes and procedures.
• Assist CSIRT with continued enhancement of Cisco's security tools.
• Develop and execute security controls, defences and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.
• Conduct vulnerability assessments of applications, operating systems and/or networks.
• Respond to cybersecurity breaches, identify intrusions and isolate, block and remove unauthorized access.
• Research and evaluate cybersecurity threats and perform root cause analysis.
• Assist in the creation and implementation of security solutions.
• Learn quickly on the job as CSIRT tackles security solutions for various environments & technologies, including cloud technologies, that may be new to you and others on the team
• Provide information to management regarding impact on the business caused by theft, destruction, alteration or denial of access to information and systems.

Job description

ob responsibilities includeworking out thermal solution for new product, using Flotherm to do thermal simulation, developing thermal test plan and completing thermal test.

ssential duties

Work with HW/Mechanical engineer to do the concept design for new product.

Use thermal & Fluid simulation tools such as Flotherm to do thermal simulation.

Cooperate with HW/ECAD/Mechanical engineer to optimize the board placement.

Search and choose cost-effective fan and thermal interface material.

Work with Mechanical/MPE to review the detailed manufacture process of heatsink.

Create thermal test and acoustic test plan, complete these tests according to schedule.

Solve thermal issue during NPI phase and sustaining phase.

Study advanced thermal solutions such as 3D vapor chamber heatsink, liquid cooling, etc, and apply them into new product which need it.

Technical skills

Rich experience on Flotherm software.

Familiar with product development process in network equipment industry.

Rich knowledge on the optical module thermal solution, high power density ASICsolution, fan speed control, acoustic test, wind tunnel test and thermal test.

Familiar with vapor chamber heatsink,heat pipe, thermo-siphon’s manufacture process.

knowledge about advanced thermal solution such asliquid cooling solution.

Familiar with PCB placement design and review process.

Familiar with Microsoft office software.

Ability to communicate in English

+ years experience innetwork equipment industry or other IT industry.