Security Analyst

About Cognizant Corporate

Cognizant Corporate is a global community united by a shared purpose: to make a meaningful impact. We are committed to excellence and driven by outcomes that matter. Collaboration is at the heart of how we work, and our forward-thinking mindset fuels continuous learning, innovation, and growth.

At Cognizant, careers transcend titles. We empower our people to think strategically, inspire others, and lead with purpose – always guided by our core values. Join us in shaping future of business. Could you be the one to make a difference?

On the Corporate Security team at Cognizant, we challenge ourselves every day to continuously meet the highest standards of security. Our purpose is to deliver world class security and risk management capabilities to protect and enable Cognizant's trusted global business while creating client value and competitive differentiation. From oversight and coordination of security efforts to compliance and risk management, the Corporate Security team's responsibilities span across multiple partners and clients in the marketplace to defend against today's threats. Come join us and help build more secure and resilient infrastructure for the future

Summary

This role falls under the Health Care Security Operations Center, helping to secure integrated businesses, working with the Corporate Security team to verify and validate logs sources and respond to threats. The Security Analyst will monitor logs in a Security Information and Event Management (SIEM) platform and conduct Detection and Response activities that align with the Corporate Enterprise Security Monitoring plan.

This is a Tier 1 position within a team that focuses on 24/7 monitoring and reporting of security events and incidents leveraging a SIEM tool and several other security tools within a security suite. Successful candidates must be inquisitive, detail-oriented, and have strong problem-solving skills to quickly address anomalies. Ideally, the candidates for this role thrive in diverse and fast-paced environments.

Responsibilities

• Monitors various log sources from tools and applications such as Endpoint Detection and Response (EDR) logs, Intrusion Prevention/Detection Systems (IPS/IDS), firewall logs, Windows logs, Linux operating system logs, etc.
• Analyze true positive incidents and provide detailed analysis comments for respective support / business functions to take corrective / remedial / compensatory actions
• Escalate high or critical incidents or complex security alerts to Senior Security Analysts.
• Monitor Data Loss Prevention alerts and respond to associated events as appropriate.
• Track and update security incidents over the course of the incident lifecycle.
• Participate in reviewing, validating, and continuously evaluating the efficacy of logs for quality and relevance

o Documentation of log event types

o Updating new log event types

o Mapping existing and new use cases to log source types

o Recommending new use cases, as appropriate

• Prepare documents and reports as requested.
• Attend meetings and training as required.
• Participate in knowledge sharing sessions.
• Recommend documentation improvements.
• This is a 2nd shift position (12pm-8pm EST)

Basic Qualifications

• 1 or more years of Security Operations Center experience
• Some IT exposure (certification, self-learning, or job experience)
• Industry standard security certification (i.e., Security+, CeH, CCNA, or other entry-level security certifications)

o Additional certifications will be reviewed by management.

• Communication skills (i.e., provide reports to management, escalate issues, etc.)

Preferred Qualifications

• Bachelor's degree in computer science, information security, or a related field
• Experience in SIEM software and EDR tools.
• Well versed in log analysis on various log sources from Next-Gen firewalls, Domain Controllers, Linux operations systems, Anti-Virus logs, EDR/XDR, IPS/IDS, router and switch logs, etc.
• Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with other members.
• Experience in Threat hunting, log integration, and incident case management.
• Preferred 1-2 years of Security Operations Center experience.
• Preferred 1-2 years of general IT support experience.
• Any experience with networking or scripting/programming is a plus.

Work model:

We strive to provide flexibility wherever possible. Based on this role's business requirements, this is a remote position open to qualified applicants in the United States. Regardless of your working arrangement, we are here to support a healthy work-life balance though our various wellbeing programs.

The working arrangements for this role are accurate as of the date of posting. This may change based on the project you're engaged in, as well as business and client requirements. Rest assured; we will always be clear about role expectations.

We're excited to meet people who share our mission and can make an impact in a variety of ways. Don't hesitate to apply, even if you only meet the minimum requirements listed. Think about your transferable experiences and unique skills that make you stand out as someone who can bring new and exciting things to this role.

Salary and Other Compensation:

Applications will be accepted until January 9, 2025.

The annual salary for this position is between $75,000 - $85,000, depending on experience and other qualifications of the successful candidate.

This position is also eligible for Cognizant's discretionary annual incentive program, based on performance and subject to the terms of Cognizant's applicable plans.

Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:

• Medical/Dental/Vision/Life Insurance
• Paid holidays plus Paid Time Off
• 401(k) plan and contributions
• Long-term/Short-term Disability
• Paid Parental Leave
• Employee Stock Purchase Plan

Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.