Job
Description
Salesforce - the leader in enterprise cloud computing and one of the top 10 places to work according to Fortune magazine - is seeking Security Event Analysts to join an exciting new Security Operations team within our world-leading security program. The Security Event Analyst will be part of the monitoring and triage arm of Salesforce Security, responsible for analysing events across a large and complex environment in order to identify security incidents and protect our customers. Security Event Analysts use their exceptional judgment and security expertise to distinguish truly interesting events from "noise". In a typical hour, an analyst might examine a malicious email, investigate an unusual login, and analyse a PC with a potential malware issue. Between these events, they will interact with Salesforce colleagues around the world, who contact Security Event Analysts with issues ranging from missing laptops to suspicious devices found in our offices.
A successful Security Event Analyst will have acute attention to detail, a healthy dose of paranoia and a logical approach to analysis and problem solving. This role also needs exceptional communication skills (verbal and written), and an ability quickly understand complex information while recognising familiar elements within complex situations.
This position is based in our brand new facility in Hyderabad, India. As a 24/7 team, Security Event Analysts work shifts which include nights and weekends. The role is a key part of our global information security team, involving daily interaction with the Salesforce CSIRT and other security teams, which means fluent English is essential.
Required Skills & Experience
College graduate, with a major focused on information security
Proficient coding/scripting skills are added advantage
Strong interest in information security, including awareness of current threats and security best
practices and different attacks and their detection methods
Familiarity with concepts of security incident response, vulnerabilities vs threats vs actors,
Indicators of Compromise (IoCs), network security, OS/system security, Malware Analysis,
etc.
Familiarity with security controls on Linux and Windows, including in Active Directory.
Knowledge of email security threats and security controls, including experience analysing email
headers
Strong technical understanding of network fundamentals and common Internet protocols,
specifically DNS, HTTP, HTTPS / TLS, and SMTP