Acts as the focal point for maintenance and monitoring of all antivirus/endpoint detection and response systems and analysis and response to emerging malware and other security related events. Incumbent is responsible for ensuring security events rising to a defined threshold are escalated as security incidents and handled in accordance with Wolters Kluwer Incident Response Policy and Procedure. When applicable, the IT Security Analyst will involve the Incident Response Team, other IT Security team members, IT Security Management and as directed, Senior WK Leadership.
Wolters Kluwer Global Business Services (GBS) is designed to provide services to the business units in the areas of technology, sourcing, procurement, legal, finance, and human resources. These global centers promote team collaboration using best practices around a specific focus area to drive results and enhance operational efficiencies. There is a constant endeavor to benchmark against best-in-class industry standards to improve the quality of deliverables, increase cost savings, enhance productivity, and reduce time to market for products and applications.
We have an amazing opportunity for an IT security analyst in India, available within our Global Business Services division! The IT Security Analyst in India will be responsible for monitoring antivirus and endpoint detection and response systems and response to all emerging malware-related security incidents as well as responding to new security related intelligence in order to protect and enhance the confidentiality, integrity, and availability of Wolters Kluwer assets.
This position is in Pune, India. Working on-site in an office is strongly preferred.
As the IT security analyst, you will be responsible for maintaining the antivirus and anti-malware systems, ensuring they are kept up to date and configured appropriately. Additionally, you will assist with information gathering efforts during investigations into suspected and confirmed security incidents to protect personal and confidential information at WK. In this role, you will be required to demonstrate proficiency in incident analysis, malware analysis, data gathering and information synthesis in the area of antivirus and anti-malware systems management. Your role will also include interfacing with and responding to internal business unit IT representatives and stakeholders at all levels during management of systems and emerging security incidents, real or simulated.
Responsibilities:
Accountable for the day-to-day review and assessment of malware-related security events that may become or contribute to security incidents
Ensures work is compliant with WK enterprise policies, procedures, and the local business plan
Supports the investigation of reported security breaches and, in coordination with WK global security operations, develops procedures to respond to malware-related security incidents and assists with investigations
Contributes to the analysis and delivery of findings to internal customers with impactful, comparative, interpretative malware analysis in a clear, consistent, and factual manner
Responsible for establishing communications bridges and meetings in support of efforts to remediate support issues with antivirus and anti-malware systems
Provides advice and assistance to operational teams related to their antivirus and anti-malware support
Responsible for aggregating information relevant to an antivirus/anti-malware support or emerging malware situation and synthesizing probable root cause
Responsible for developing and recommending the best course of action based on solid security principles
Responsible for ensuring knowledge of IT security, emerging malware-related, and persistent threat scenarios is current
Responsible for threat hunting using a variety of available sources and tools
Responsible for monitoring and reviewing logs from a variety of sources in support of WK security and incident response operations
Responsible for investigation into emerging incidents and initial network and host forensics
Responsible for reviewing threat intelligence sources in support of WK security situational awareness
Responsible for assisting in the development of malware and threat-related communications for potential dissemination to warn WK employees of an emerging situation
Responsible for documenting malware threats and identifying procedures to avoid, mitigate or remediate them
Responsible for analyzing potentially malicious programs and software using a variety of tools to identify indicators of compromise (IOCs) that can be used in protective security systems
Responsible for assisting with the creation of documentation related to antivirus/anti-malware systems and malware handling procedures
Responsible for providing antivirus, anti-malware and malware-related training and advice to team members on best security practices
Responsible for monitoring sources that identify zero-day threats and working to protect against them
Participates in research and development of malware protection tools and solutions
Other Duties
Performs other duties as assigned by the supervisor
Job Qualifications
Bachelor's Degree in Computer Science/MIS or equivalent experience
5+ years of total experience in Information Technology
2+ years of professional experience in an information security function, including analyzing and applying information security, risk management, and privacy practices
2+ years in an information security antivirus/anti-malware or malware analysis role
Flexible to work in a 24*7*365 Security Operations environment
Required Interpersonal Skills
Excellent oral and written communication ability
Ability to present complex technical issues and findings to diverse audiences in both technical and non-technical parlance, both orally and in writing
Diplomacy in working with customers and stakeholders
Ability to follow policy and procedure
Ability to work in a team and at times perform under stress
Demonstrated integrity in dealing with potentially sensitive data and restricted information
Exceptionally self-motivated with superior analytical, evaluative, and problem-solving abilities
Ability to set and manage priorities judiciously
Required Technical Skills
Knowledge of basic security principles, including confidentiality, integrity, and availability; access control, authentication, and authorization; privacy and non-repudiation
Understanding of security vulnerabilities and exposures, and where they arise from
Familiarity with the Internet, its network protocols, and network applications and services
Knowledge of network security issues and host/system security issues
Understanding of malicious code of various types and various threat vectors
Experience with Risk Analysis and Risk Management
Experience in an incident response/security operations environment with threat hunting and identifying indicators of compromise (IOCs)
Ability to perform basic network and host forensic procedures to determine root cause and level of compromise
Experience with reviewing logs from a variety of sources, including host logs, network traffic logs and logs generated by security monitoring tools
Understanding of deception technologies, including honeypots/honeynets and honeytokens
Basic understanding of programming and scripting; advanced knowledge a plus
Ability to maintain incident records in support of WK recovery, regulatory and legal requirements
Familiarity with ITIL service management methodology
Prior experience in a 24x7x365 operations environment
Required Malware Analysis Skills
Expert-level knowledge of antivirus/anti-malware solutions (McAfee ePO/ENS and CrowdStrike Falcon a plus)
Through good communication and documentation, presents a consistent front to customers and stakeholders
Ability to synthesize data from the technical skills listed above to understand and identify intruder techniques
Ability to utilize the interpersonal skills listed above to communicate with customers and stakeholders and bring quick resolution
Demonstrated ability to analyze ongoing situations for the potential of a malware-related security incident
Strong technical skills in antivirus/anti-malware rollouts and upgrades
Strong technical skills in analysis and information gathering related to potential malicious code artifacts in a safe, secure manner
Experience and/or SME knowledge of ISO 27001, NIST 800-53, NIST CSF and PCI DSS
Preferred certifications: CISSP, ITIL, CEH, GCIA, GNFA, GREM, GCTI