DFIR Incident Handler Analyst
Cognizant Lietuva

About:

Corporate Security at Cognizant is an enterprise-wide oversight body responsible for the overall security posture of the organization’s physical (tangible) and data (intangible) assets. The group is responsible for aligning the enterprise-wide security requirements to business goals through strategic governance and continuous assurance processes. The governance process encompasses development and implementation of policies, standards, best practices and reference frameworks around Risk Management, Data Loss Prevention, and data protection. The continuous assurance functions, such as security risk assessments and audits, security monitoring, and policy compliance activities, facilitate strict adherence to enterprise, client, and global regulatory and security requirements.

About the role:

Cognizant Corporate Security is looking for a DFIR (Digital Forensics and Incident Response) Incident Handler Analyst to work on the ‘front lines’ for its Corporate and Healthcare services line of business. We are looking for a passionate, experienced incident response professional to serve as a key player in our incident response process and work with our global incident response team to track and manage information security events and incidents.

Ideal candidate:

• Experience managing high impact, high visibility incident response events and incidents of various types, including APTs, vulnerability exploitation, web applications, and possible data exfiltration
• Understanding and knowledge of collecting, analyzing, and escalating security events
• 4+ years in Information Security
• 2+ years in DFIR
• Experience working in fast-paced 24x7 operational environments
• Able to communicate in a professional manner during high-stress situations
• Use project management skills in tracking and reporting on incident status and progress
• Understanding of common tools used in event analysis, incident response, computer forensics, and malware analysis
• Experience with EnCase and/or Magnet a plus
• Thorough understanding of cyber security operations, including alert monitoring and SIEM tools
• Understanding of standard network protocols
• Understanding of security controls for common devices, including Windows, IPS/IDS, proxy, EDR, firewalls, and email security
• Knowledge of MITRE ATT&CK and cyber kill chain frameworks
• Relevant industry certifications, such as but not limited to GCIA, GCIH, GDAT, GCFE, and GCFA
• Strong technical experience in three of the five areas below:
  • Host forensics (Windows / Mac / Linux)
  • Network traffic analysis
  • Log review
  • Malware triage
  • Cloud technologies, including AWS, Azure, and GCP
• Experience in enterprise security and how various technologies work together for increasing threat detection and streamlining incident response including EDRs, SIEMs, and others

What You Can Expect:

• Become part of the flagship’s success story - We are going through enormous growth!
• An organization driven by technology - We have a tremendous technology backbone
• Open, ‘can do’ team spirit
• An environment where you can make your own ideas a reality
• Drive your own career
• Competitive benefits package
• Scandinavian ways of working
• Opportunity to grow both professionally and personally (incl. Udemy)

Currently all interviews and onboarding are done online, as all Cognizant employees are working from home.

We look forward to receiving your CV.

Only suitable candidates will be contacted.

Stay up to date with our website careers.cognizant.com/global/en!
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.

Monthly gross salary: € 3500 - 5720 gross/month

Location

    Vilnius, Vilnius County, Lithuania
  • Remote work possible

Working time

  • Full-time

Skills

 Cyber security

Languages

  •  English
  •  Lithuanian

Contact person
Justas Gudonis