Security Analyst

What makes Cognizant a unique place to work? The combination of rapid growth and an international and innovative environment This is creating many opportunities for people like YOU — people with an entrepreneurial spirit who want to make a difference in this world.

**The Role**:
**In your first few weeks in this role, you can expect to**:

- Configure, and manage endpoint security solutions (CrowdStrike Endpoint Security and MS Defender XDR).
- Monitor and respond to endpoint security incidents, identifying potential threats.
- Perform endpoint security audits and assessments to ensure compliance with policies.
- Ensure continuous updates and patches for endpoint security tools and operating systems.
- Collaborate with Service leads, business teams, infra teams, security operations and offer technical guidance.
- Understand the IT security requirements of the business and implement measures to satisfy those requirements in the most efficient manner.
- Handle priority, severity issues/incidents and escalations.
- Work on product roadmaps and compliment capability roadmaps like new functionality.
- Contribute to the Risk, Audit hygiene and governance for the function.
- Documentation of security infrastructure, process, run book and operational manuals.
- Reporting and log correlation using MS PowerPoint, Excel and SIEM solutions.

**SOC Management**:

- Administration, monitoring of the MS Azure Sentinel SIEM tool.
- Monitor security events and alerts from various sources including SIEM and endpoint security tools.
- Provide first-line analysis for potential security incidents and escalate as necessary.
- Provide accurate and priority driven analysis on cyber activity/threats.
- Collaborate with cross-functional teams to ensure proactive detection and mitigation of threats.
- Monitor external event sources for security intelligence and actionable incidents
- Document investigation results, ensuring relevant details are passed to senior analyst and stakeholders
- Monitor Devices, Services and their component's health and availability.
- Preparing Daily/Weekly/Monthly reports.
- Creation of offline playbooks and SOPs.
- Stay up to date with the latest endpoint security threats and vulnerabilities.
- Collaborate with threat intelligence teams to gather information on emerging threats.
- Assist in the identification, prioritization, and remediation of vulnerabilities across endpoints.
- Strong understanding of endpoint hardening and patch management.
- Hands-on experience with vulnerability management processes and tools - Tenable IO and CrowdStrike Spotlight
- Experience in Security Operations Centre (SOC) monitoring and incident response.
- Familiarity with SIEM (Security Information and Event Management) tools.
- Strong analytical skills to investigate and resolve security incidents.
- Familiarity with threat intelligence feeds and threat actor tactics, techniques, and procedures (TTPs).
- Understanding of the cybersecurity landscape and emerging threats.
- Knowledge of information security policies and frameworks (e.g., NIST, ISO 27001).
- Experience in ensuring compliance with relevant security standards and regulations.
- Ability to create detailed incident reports and recommend mitigation strategies.
- Strong communication skills to collaborate with internal teams and stakeholders

You'll receive an excellent salary and benefits package for your knowledge, expertise and flexibility. At Cognizant, taking care of employees is a priority:

- You can pursue innovative career tracks and opportunities here
- You can enhance your professional development through education and dedicated training
- We’ll give you the skills you need to keep pace with the changing workplace while our compensation, benefits and wellness packages help you stay healthy and plan for the future.