Job Summary
Collaborate with global cybersecurity teams to monitor investigate and respond to threats across Critical National Infrastructure environments using AlertLogic SIEM Splunk and Arcsight. Analyze high volume security events enhance detection content and support incident handling for Hi Tech clients in a hybrid work model while following day shift operations and ensuring strong cyber resilience.
Responsibilities
- Monitor security events in real time using AlertLogic SIEM Splunk and Arcsight to detect suspicious activity across Critical National Infrastructure environments and Hi Tech platforms
- Analyze correlated alerts to identify genuine security incidents while filtering out noise so that investigation efforts focus on the riskiest threats
- Investigate security incidents end to end by collecting logs reviewing contextual data and documenting clear timelines that support decisive response actions
- Coordinate with incident responders and infrastructure teams to contain threats eradicate malicious activity and validate successful recovery for affected systems
- Develop and refine detection rules and correlation searches in AlertLogic SIEM Splunk and Arcsight to improve alert fidelity and reduce false positives over time
- Create and maintain use cases and playbooks for common attack patterns targeting Hi Tech and Critical National Infrastructure environments to promote consistent incident handling
- Perform root cause analysis on significant incidents and propose pragmatic control enhancements that reduce the likelihood of recurrence and strengthen security posture
- Support vulnerability and configuration review activities by interpreting scan results and log data to highlight exploitable weaknesses in monitored systems
- Collaborate with application cloud and network teams to integrate new log sources into SIEM platforms and validate that events are normalized enriched and searchable
- Document investigation steps findings and corrective actions in case management tools with a high level of clarity that supports audit compliance and knowledge reuse
- Produce concise operational reports and metrics that summarize incident trends tool performance and emerging risks for consumption by technical stakeholders
- Contribute to continuous improvement of SOC workflows by suggesting automation tuning and process refinements that enhance efficiency and analyst experience
- Participate in tabletop exercises and scenario based simulations that validate incident response readiness for Hi Tech and Critical National Infrastructure services
- Assist with user awareness by sharing observed threat patterns and practical security hygiene recommendations that help reduce human related vulnerabilities
- Coordinate with global teams in a hybrid work model to ensure consistent day shift coverage and smooth handover of ongoing investigations where required
- Support adherence to regulatory and industry standards relevant to Critical National Infrastructure by aligning monitoring practices and documentation with policy expectations
- Engage in knowledge sharing sessions to spread expertise on AlertLogic SIEM Splunk and Arcsight so that team capabilities grow collectively over time
- Review new projects and technology changes impacting Hi Tech environments to provide input on logging monitoring and incident response requirements from the outset
- Participate in threat hunting activities by exploring unusual patterns in logs and developing hypotheses that uncover stealthy or previously undetected malicious activity
- Assist in evaluating and testing new security tooling or SIEM features that can improve detection quality analyst workflow and overall cyber defense effectiveness
Qualifications
- Demonstrate practical experience in operating and tuning AlertLogic SIEM for log ingestion correlation and alert triage across complex enterprise environments
- Apply hands on knowledge of Splunk searches dashboards and correlation rules to investigate incidents and deliver meaningful insights from high volume security data
- Utilize working experience with Arcsight content development event schema and use case implementation to support robust and scalable security monitoring
- Bring foundational understanding of cybersecurity principles including network security endpoint protection identity security and incident response lifecycle
- Show exposure to Hi Tech or technology driven business environments where rapid innovation cloud adoption and complex architectures influence threat landscapes
- Communicate technical findings clearly in both written and verbal form to diverse stakeholders so that recommended actions are understood and implemented
- Collaborate effectively in hybrid teams while managing time and tasks independently during day shift operations without the need for frequent supervision
- Display willingness to learn new security tools develop advanced SIEM skills and stay current with evolving threats that affect Critical National Infrastructure and Hi Tech sectors
- Hold a formal degree or equivalent experience in information security computer science or a related discipline that supports analytical and problem solving skills
Certifications Required
Preferred certifications include CompTIA Security Plus or equivalent SIEM focused training such as Splunk Certified Core Power User
コグニザントのコミュニティ:
私たちは、互いを尊重し支え合う優秀な人材の集まりです。社員一人ひとりが成長し、力を発揮できるよう、エネルギッシュで協力的かつインクルーシブな職場環境を大切にしています。
- コグニザントは、世界中に30万人以上のアソシエイトを擁するグローバルコミュニティです。
- 私たちは、より良い方法を夢見るだけでなく、それを実現します。
- 人、クライアント、企業、地域社会、そして環境に対して、常に「正しいこと」を行うことで責任を果たします。
- あなたにとって最適なキャリアパスを築くことができる、革新的な環境を提供します。
私たちについて:
コグニザント(NASDAQ: CTSH)は、AI builderおよびテクノロジーサービスプロバイダとして、AI投資を企業価値へとつなげるフルスタックのAIソリューションを提供しています。業界、業務プロセス、エンジニアリングに関する深い専門性を強みに、各企業固有のコンテキストをテクノロジーシステムに組み込み、人の力を最大限に引き出すとともに、具体的な成果の創出と、急速に変化する世界におけるグローバル企業の競争力維持を支援します。詳しくは、当社ウェブサイト www.cognizant.com をご覧ください。
コグニザントは機会均等を重視する雇用主です。応募者および候補者は、人種、肌の色、性別、宗教、信条、性的指向、性自認、国籍、障がい、遺伝情報、妊娠、退役軍人の地位、または連邦、州、地方の法律で保護されているその他の特性に基づいて差別されることはありません。
免責事項:
応募者は、対面またはビデオ会議による面接への参加を求められる場合があります。また、各面接の際に、現住所または政府発行の身分証明書の提示が必要となる場合があります。