Job Description

To be part of a global security operations center and be responsible for - proactively identify threats and vulnerabilities; implement industry best practices; participate in the review and resolution of opportunities from both internal and external IT security audits; provide recommendations to the overall IT security posture of the organization; and participate in the creation of IT security awareness communications to the organization that adhere to corporate safety and security regulations
Responsibilities:

• Investigate and provide proper incident response to security alerts.
• Identify new security use cases and create required detection rules in the system.
• Assist and train team members on how to investigate and respond to various security threats.
• Manage and support wide range of security technologies including SIEM, EDR, Vulnerability Scanners, Identity and Access Management, Data Loss Prevention, and Cloud Security.
• Participate in security solution design and security consultation.
• Work with the customer point of contacts for any escalated incidents, security remediation.
• Create required dashboards and provide reports.
• Actively participate in customer meetings and give presentations.

• Bachelor's degree in Computer Science, Information Security, or an equivalent degree.
• 6+ years of working experience in Information Security.
• Have experience in integration of log sources, defining use cases, creation of new correlation rules, creation of dashboards, implementing best practices in SOC environment.
• Good understanding of security threats and mitigation strategies.
• Have in-depth knowledge on how to investigate and respond to various security alerts, and can able to create incident response procedures for same.
• Experience in multiple security tools as an administrator in the areas of SIEM, VM, EDR.
• Experience in installation, configuration, and administration of multiple security tools as an administrator in the areas of SIEM, VM, EDR.
• Certification in any of the following is a plus: CISSP, CEH, CHFI, CCSP, GCIH, GCIA.
• Demonstrated excellent response to critical incidents and security threats in the past.
• Excellent analytical, presentation, customer service and facilitation skills
• Ready to work in 24x7 Security operations.