Security Analyst

Information Technology, Bangalore, India

ABOUT LOGMEIN

LogMeIn simplifies how people connect with each other and the world around them to drive meaningful interactions, deepen relationships, and create better outcomes for individuals and businesses. One of the world’s top 10 public SaaS companies, and a market leader in communication & conferencing, identity & access, and customer engagement & support solutions, LogMeIn has millions of customers spanning virtually every country across the globe. LogMeIn is headquartered in Boston with additional locations across North America, Europe, Middle East, Asia and Australia.

ABOUT ROLE
The Analyst is responsible for monitoring, assessing, and remediating cybersecurity events to secure and protect proprietary, personal, and privileged electronic data. The Analyst uses cybersecurity tools to monitor and detect attacks and vulnerabilities in the LogMeIn network, monitors SIEM alerts for evidence of compromise, and reports security incidents. The Analyst also analyzes and assesses security incidents in the network to recommend solutions and best practices.

The Analyst will function as a member of the Security Operation Center, performing intrusion detection, prevention, and incident response. The Analyst must be able to operate as a member of a frontline team in high-tempo security operations, monitoring and analyzing custom alerts and dashboards. The role provides feedback in assessing new threat vectors and the effectiveness of controls, and leverages advanced investigative skills using best-in-class data correlation and network/packet analysis tools. The Analyst will partner with senior leaders from lines of business organizations to triage security events and report on impacting security incidents.

RESPONSIBILITIES
  • A solid foundation in networking fundamentals, with a deep understanding of TCP/IP and other core protocols.
  • Experience in enterprise intrusion analysis, SIEM and incident response.
  • The ability to analyze logs from various security devices and web servers.
  • Experience doing packet captures and interpreting them (e.g., tcpdump, Wireshark).
  • Familiarity with network architecture and security infrastructure placement.
  • Understanding of Windows and Unix operating systems, and command line tools.
  • Knowledge of attack vectors, threat tactics, kill chain and attacker techniques is a plus.
  • Experience with cloud incident response is a plus (e.g., AWS, Azure).
  • Interpersonal skills sufficient to work with both technical and non-technical personnel at various levels in the organization.
  • Ability to elicit and communicate technical and non-technical information in a clear and concise manner.
  • An open mind, willingness to be challenged, and a strong desire to learn.
  • Should be flexible to work during different shifts and possibly weekends.
REQUIREMENTS
  • Experience: 1 to 4 years
OUR VALUES
Be Accountable - even when no-one is looking
Thrive Together - greatness comes from unlocking each other’s potential
Advance Confidently - we find opportunity and act on it
Collaborate Openly - our whole is greater than the sum of our parts
Engage Fearlessly - we speak up and listen