Boston Scientific Senior Cyber Security Analyst 

India, Haryana, Gurugram 

202146238

India-Haryana, Gurgaon

The Cyber Security Analyst will be responsible for managing the BSC Security Incident Response Operations.

The person will also be responsible for proactively finding, investigating, and mitigating advanced cyber threats targeting Boston Scientific. These responsibilities are accomplished through a combination of network traffic monitoring and analysis, proactive computer defense (CND) intelligence operations, cyber investigations, incident management, and malware analysis.

In order to effectively execute these tasks, the Cyber Security Threat Analyst develops good working relationships with IT Infrastructure, IT security, desktop support personnel and other stakeholders throughout the Enterprise. The Analyst also provides situational awareness to appropriate personnel through clear and concise communications.

Key Responsibilities:

• Focus on conducting full spectrum threat analysis resulting from CND Intelligence Operations information, threat reporting and ongoing incidents affecting the enterprise from advanced cyber threats.
• Should have exposure of handling investigations of security incidents over cloud infrastructure as per the Cloud Security best practices.
• Should have exposure of handling investigations of mail security incidents (phishing).
• Encourages investigations and research initiatives to move toward a more proactive state, resulting in advanced warning of cyber-attack, enhanced understanding of adversary collection requirements and new threat indicators that facilitate proactive threat discovery and mitigation.
• Must take the lead on providing situational awareness to appropriate personnel through clear and concise communications and promotes a proactive response to possible threats by staying current with, analyzing, and identifying mitigations for emerging threats to Boston Scientific’s IT Infrastructure.
• Malware Analysis using a defined set of analytical tools.
• Can serve on call when assigned.
• Communicate effectively with peers and other key stakeholders.
• Increase organizational threat awareness by providing briefings as required.
• Report findings and provide countermeasure recommendations and business cases based on standard security principles, policies, standards, and industry best practices.
• Promote a proactive approach to the changing threat landscape.
• Evaluate and recommend new security technologies, processes, and methodologies.
• Maintain and continually evaluate cyber threat intelligence sources for changes that increase effectiveness and timeliness.
• Assist with various other implementation tasks.
• Knowledge of Splunk, Crowdstrike, AWS and Azure Sentinel is a plus.
• Present threat intelligence, IOCs and develop measures that could be useful in detecting or preventing attacks.
• Collaborate with external entities and authorities to collect and share Indicators of Compromise (IoC) and discovered intelligence.
• Conducting research and track new exploits and cyber threats.
• Utilize ATT&CK to perform cybersecurity operations testing, and develop improvements to doing so, based on real adversary behavior.
• Evaluate the efficacy of existing detection mechanisms, analytics, and mitigations.
• Knowledge of SIEM and be able to conduct network, endpoint, and log analysis by utilizing SIEM/Tools consoles on a regular basis.
• Design and implement deception technology use-cases as part of a larger deception strategy.

Qualifications:

• Computer Science or Information Systems major related field experience with networking and IT Security.
• 7+ Years of Experience leading enterprise-level responses for major information security incidents.
• Good communication skills and experience answering inquiries is a must.
• Ability to read and understand system data, including, but not limited to, security event logs, Netflow and database structures.
• Understanding of analyzing forensic data concerning system and network security compromises.
• Experience with IT Security tools such as Anti-Malware, EDR, Web Proxy, Anti Phishing Mail Gateway, Firewalls is a plus.
• Experience with SIEM & EDR is highly desirable.
• Knowledge in deception tech and threat intelligence fields.
• Working knowledge of network/malware analysis is a plus.
• GIAC, CISSP, CEH, Security+ certifications are a plus.