Require Analyst to be part of our Security Operation Center. Be part of the team that work on latest technologies and showcase your security skills to maintain and enhance the security posture of the company. Description YODLEE, INC.
Exempt or Non-Exempt*:
Yodlee Security Office
Reports to Sr. Manager, Infrastructure Security
List the essential duties and responsibilities of this job. The tasks may vary as business needs require. Yodlee maintains the right to modify job duties and responsibilities at its discretion.
Summary of Position:
Assume primary responsibilities for security operations (Security Monitoring, Alerts handling, Systems and Network Compliance, Vulnerability Life Cycle Management.
List 3 to 6 key responsibilities of the job
- Responsible for handling all security alerts – Review the alerts and handle them as per the process. This involves working with different groups and ensuring that all the alerts are closed in a timely manner. This position also contributes to the process improvements.
- Responsible for patch management process – This involves a) performing security impact analysis for the patches and vulnerabilities published by vendors other security research sites for different platforms ( Operating Systems, Web Servers and Network devices) b) Defining priority for the patch rollout c) Ensuring that the patches are rolled out in a timely manner d) Scanning the systems and other platforms to validate that the patches are applied and following up with various teams to address any gaps
- Responsible for Vulnerability Management Process – This involves a) Ensuring that vulnerability scans are run at scheduled time b) Scan results are analyzed in a timely manner c) Categorizing the vulnerabilities as per defined process d) Fixes are applied as per the vulnerability policy e) Tracking the open issues and follow up with different teams to address the open issues.
- Security Log Analysis – Monitor and analyze the logs from various security tools – Any events that need to be correlated from a security perspective to be researched and submitted to the tools team for the alert development
- Compile Security Metrics - Automate management reports based on information generated from different security tools – Compile security metrics and efficiency metrics for management review.
- Assist in providing requirements for new and existing security systems, tools, and applications
- Collaborate with different groups to ensure that their requirements and new initiaves adhere to information security policies and best practices
- Perform device reviews to ensure compliance with hardening standards, access controls and security related configuration settings
- Prepare security documentation including security procedures, standards, notifications and alerts in support of other Information Security teams within the Yodlee Security department.
- Assist in writing best practice procedures for the following services: Incident analysis, Incident response coordination, security audits or assessments, certificate authority, log analysis & diagnostics, and host vulnerability scanning
The qualification requirements below are representative of the knowledge, skills and abilities required to perform this job successfully. Employees who do not possess the requirements for a job at time of hire or transfer/promotion are expected to attain the skills, knowledge and abilities required within a reasonable period of time, as agreed upon, in writing, with the hiring manager. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
4 to 6 years’ experience working as a hands-on system, network or security administrator in a support role. Experience should include handling projects in an independent capacity and with extensive cross functional co-ordination.
Experience in handling security projects is required. The interview process will include a technical competency assessment of security knowledge, including both concepts and their application to typical scenarios.
- Prior work experience in SOC or NOC environment
- Familiarity needed with several key security technologies – Cisco Security products, Checkpoint firewalls, Juniper firewalls, DLP tools( MacAfee) , Source fire IDS, MacAfee SIEM , Certificate and key management tools, Firewall monitoring and OS compliance checkers.
- Prior System administration background in Linux/Unix
- Strong analytical and problem solving skills
- Demonstrated experience working in heterogeneous environment
- Excellent communication skills both verbal and written
- Knowledge of PCI and ISO 27001 regulations
- Experience in handling security projects
BS degree/Engineering Diploma in IT or related field
Security or Network certification is desirable, with preference given to current holders of CISSP, CISM, CISA or GIAC
Other Job-Related Requirements: (location, travel, minimum physical requirements)
This job specification should not be construed to imply that these requirements are the exclusive standards of the position. Employees will follow any other instructions, andperform any other related duties, as may be required.
About the company:
Yodlee started its operations in Redwood Shores, CA in the United States and that remains the company’s headquarters. It also has offices in the United Kingdom and in Bangalore with headcount over 700+ employee worldwide
Yodlee is a Financial Platform organization and was founded in 1999 by a group of tech-savvy entrepreneurs (Venkat Rangan - a professor at the University of California, San Diego; Sam Inala, Ramakrishna "Schwark" Satyavolu, Srihari Sampath Kumar - erstwhile Microsoft employees; Sukhinder Singh - earlier at Amazon.com and Junglee; and P Sreeranga Rajan - a researcher at Fujitsu Labs and at that time also a researcher at Stanford Research Institute) with a common vision to deliver on the true promise of the Internet and make it a valuable, productive, personalized experience for every user.