Salesforce – the leader in enterprise cloud computing and one of the top 10 places to work according to Fortune magazine – is seeking Security Event Analysts to join an exciting new Security Operations team within our world-leading security program.
The Security Event Analyst will be part of the monitoring and triage arm of Salesforce Security, responsible for analysing events across a large and complex environment in order to identify security incidents and protect our customers. Security Event Analysts use their exceptional judgment and security expertise to distinguish truly interesting events from “noise”. In a typical hour, an analyst might examine a malicious email, investigate an unusual login, and analyse a PC with a potential malware issue. Between these events, they will interact with Salesforce colleagues around the world, who contact Security Event Analysts with issues ranging from missing laptops to suspicious devices found in our offices.
A successful Security Event Analyst will have an acute attention to detail, a healthy dose of paranoia and a logical approach to analysis and problem-solving. This role also needs exceptional communication skills (verbal and written), and an ability to quickly understand complex information while recognising familiar elements within complex situations.
This position is based in our brand new facility in Hyderabad, India. As a 24/7 team, Security Event Analysts work shifts which include nights and weekends. The role is a key part of the global information security team, involving daily interaction with the Salesforce CSIRT and other security teams, which means fluent English is essential.
- Strong interest in information security, including awareness of current threats and security best practices
- Familiarity with system administration and security controls on Microsoft Windows and Linux
- Understanding of Windows, Linux, Mac operating systems and command-line tools.
- Knowledge of email security threats and security controls, including analyzing email headers
- Strong technical understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS / TLS, and SMTP
- Passion for analyzing event and system logs, performing forensic analysis, and analyzing malware and other incident response related data, as needed
- Knowledge of analysing network traffic using tools such as Wireshark, to investigate either security issues or complex operational issues
- Basic knowledge of system and application logs (e.g., web or mail server logs), either to investigate security issues or complex operational issues
Desired Skills & Experience
The following items are not hard requirements but would be an advantage:
- A relevant specialist degree (e.g., information security or digital forensics)
- Relevant information security certifications such as CEH, Security+, CCNA, etc.
- Familiarity with system administration in a Windows Domain / Active Directory environment
- Familiarity with concepts of security incident response, e.g., the typical phases of the response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.
- Interest in coordinating incident response, troubleshooting, or other complex issues across a global organisation
- Familiarity with Salesforce Sales Cloud (CRM) or Service Cloud
- Knowledge of SIEM systems such as Splunk, AlienVault, QRadar, ArcSight or similar
- Active involvement in the information security community
Location: Hyderabad and Pune