Job Description

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Security Information and Event Management (SIEM)

Good to have skills :

NA

Minimum

3

year(s) of experience is required

Educational Qualification :

15 years full time education



Summary: Senior Security analyst will ensure the daily operations of monitoring and review within an information security environment. Roles & Responsibilities: o Analyze potential infrastructure security incidents using Sentinel and/or Splunk or Sentinel to determine if incident qualifies as a legitimate security breach. o Perform network incident investigations, determining the cause of the security incident and preserving evidence for potential legal action o Interface with technical personnel and others teams as required o Produce security incident reports and briefings to be distributed to the team lead and manager o Configure and manage Infrastructure Security and SIEM solutions. o Design, develop and create correlation rules within the Security Information and Event Management (SIEM) platform o Monitor devices and correlation tools for potential threats o Initiate escalation procedure to counteract potential threats/vulnerabilities o Appropriately inform and advise management on incidents and incident prevention o Implements continuous improvement measures on daily basis o Identify, assess, and resolve complex issues/problems within own area of responsibility o Provide Incident remediation and prevention documentation o Document and conform to processes related to security monitoring o Participate in knowledge sharing with other analysts and develop solutions efficiently o Coordinate or participate in individual or team projects o Write technical articles for internal knowledge base o Provide performance metrics as necessary o Develop and optimize technical processes and coordinate procedure documentation. Professional & Technical Skills: o At least 5+ years of experience in Information Security, Risk Management, Infrastructure Security and Compliance o Good understanding of Security Information and Event Management concepts and hands-on experience on Sentinel and/or Splunk. o Work experience in Virtual, AWS and Azure environments o Previous Sentinel and /or Sentinel and/or Splunk administration or development experience o Installations, Configuration and troubleshooting of any security devices (e.g., firewall, IDS, etc.) o Basic level of expertise in UNIX, Linux, and Windows Operating System o Complete understanding of TCP/IP, HTTP, HTTPS, SSL, Protocols. o Port scan and Vulnerability scanning techniques should have hands on experience. o Exploit and detection analysis skills, including ability to analyze logs for useful information and patterns o Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring. o Good understanding and experiences with Infrastructure Security, Risk assessment and Security Information and Event Management. o Good understanding of frameworks such as ISO 27001/27002, COBIT, and other relevant compliance such PCI, HIPAA, SOX, FISMA, and others that are required for Security Information and Event Management. Additional Information: o Experience working in a diversified, virtual environment. o Administrational tool development and maintenance. o Desirable to have some certifications such as CISSP, ITIL, CISA, CISM and GIAC-GCIA, GCIH o A 15-year full time education is required. o Bachelor's and above degree in Computer Science, Information & Technology, MIS, Engineering.




15 years full time education