Job Description

:Overviewis on the forefront of technology innovation, delivering breakthroughs and trusted insights in electronic design, simulation, prototyping, test, manufacturing, and optimization. Our ~15,000 employees create world-class solutions in communications, 5G, automotive, energy, quantum, aerospace, defense, and semiconductor markets for customers in over 100 countries. Learn moreOur powerful, culture embraces a bold vision of where technology can take us and a passion for tackling challenging problems with industry-first solutions. are integral parts of our culture and drivers of innovation at Keysight. We believe that when people feel a sense of belonging, they can be more creative, innovative, and thrive at all points in their careers.Responsibilities

• The security specialist is responsible for handling alerts which require technical triage and analysis. This may include web attacks, malware infections, and phishing campaigns, which have been identified by the Information Risk & Security teamxe2x80x99s technology stack.
• Utilizing SIEM solutions and a variety of other security devices found in a SOC environment (e.g. Behavioral Analytics tools, IDS/IPS, log management tools, and security analytics platforms) to triage security events.
• Providing consistent high-quality documentation in all aspects of communication including security events handling, escalations, processes, stakeholder communications. Etc.
• Use the internal ticketing system and dashboards to update the tickets/alerts accordingly and escalating them to the appropriate teams if necessary.
• Act as a point of escalation for tier 1 SOC security analysts and escalation to Tier 3 in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques.
• Act as the shift lead for operational issues during shift.
• Mentor Tier1 security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks/tools in support of technologies managed by the Security Operations Centre
• Ensuring proper documentation and maintenance throughout security event lifecycle.
• Participate in security incident management and vulnerability management processes.
• Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.
• Effective communication with peers, business partners from all levels of management.
• Prepare Monthly Metrics regarding the tools/projects owned.
• Provide recommendations in tuning and optimization of security systems, SOC security process, procedures, and policies based on observations.
• Define, create, and maintain playbooks, SOPxe2x80x99s, and project-built documents.
• Follow ITIL practices regarding incident, problem and change management.
• Staying up to date with emerging security threats including applicable regulatory security requirements.
• Other responsibilities and additional duties as assigned by the management.

• Preferred Information Security professional
• 7-8 years of previous Security Operations Centre Experience in conducting security investigations
• Demonstrated skills in digital investigations including computer forensics, network forensics, malware analysis and memory analysis, email security, Data Loss Prevention techniques.
• Ability to analyze data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
• Detail oriented with strong organizational and analytical skills.
• Strong written communication skills and presentation skills
• Self-starter, work independently and adjust to changing priorities, critical and strategic thinker.
• Experience leveraging core security and infrastructure technologies during investigations (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS)
• Experience in various SOC tools like SIEM, EDR, Email Security, WAF, Network Segmentation, etc.
• Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products
• Strong understanding of security incident management, malware management and vulnerability management processes
• Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP,DNS
• Documentation; experience in writing reports and documenting tickets efficiently and accurately.
• A bachelorxe2x80x99s degree in a relevant area of study with a preference for Information Security, Computer Science or Computer Engineering. BTech/MTech preferred.
• Equivalent certifications in (Network+, Security+, CySA+, GSEC, GMON, etc.).
• Excellent English written and verbal skills.
• Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives.
• Experience in large, geographically diverse enterprise networks.
• Ability to build lasting relationships with partner teams and stakeholders.

Keysight Technologies