Cisco Cybersecurity Incident Senior Analyst 

China, Shanghai 

171232396

RESPONSIBILITIES

Assist with setup and tune multiple security monitoring products and data feeds.

Assist in development of documented process for incident and alert handling

• Escalate to CSIRT investigators and external support teams to assist in analysis and event resolution.

• Document cases, procedures, analysis, and investigations accurately and thoroughly (including best-practice documentation).

• Inform higher-level priorities, improvements and problem resolutions to improve effectiveness of CSCO, CSIRT, InfoSec, and CSPO.

• Constructively challenge and improve existing tools, processes and procedures.

• Assist CSIRT with testing, deployment and continued enhancement of Cisco's security tools.

• Provide information security awareness training to new hires.

• Watch and identify the emerging threats globally. Tune the configuration of monitoring products to catch the possible attack to Cisco.

EXPERIENCE/ SKILLS REQUIRED

The right candidate will have about 8 to 10 years relevant experience in one or more of the following fields:

Network administration, TCP/IP knowledge and application in securing systems, investigating security incidents.

Experience on Cloud platform (AWS)

Demonstrate clear experience with UNIX/Windows operating systems

IT security with a focus on computer incident response, malicious code/exploits, anti-virus, etc.

Knowledge of SIEM tools (preferably Splunk)

Scripting skills (BASH, Python, PERL)

Familiar with Windows exploits, malware and malicious code trends

Demonstrate interest and knowledge in learning of security trends and malware analysis.

Fluent in English. Good communication and presentation skills. (China)

Degree in BS or equivalent. MS is a plus

CCNA, RHCE, MCSE, CISSP (will be a plus)