Security Delivery Specialist Kql Expert L3

Bangalore, Karnataka, India

Job Description


Noventiq is hiring! Noventiq's story is one of change. We grew, expanded, and adapted, learning more at each step. Now effecting change is at the heart of everything we do. And that doesn't just apply to our customers; it's how we feel about everyone who works with us.

Noventiq (the brand name of Cyprus-registered Softline Holding plc) is a leading global solutions and services provider in digital transformation and cybersecurity, headquartered and listed in London. The company enables, facilitates and accelerates digital transformation for its customers' businesses, connecting 75,000+ organizations from all sectors with hundreds of best-in-class IT vendors, alongside its own services and solutions. With a turnover of US$ 1.1 billion in the fiscal year of 2021, Noventiq is currently one of the fastest growing companies in the sector. In October 2021, Softline Holding plc got its primary listing on the London Stock Exchange (LSE:SFTL). Noventiq's growth is underpinned by its three-dimensional strategy to expand its geography, portfolio and sales channels. The strategy is supported by Noventiq's active approach to M&As, enabling the company to take advantage of the ongoing consolidation in the industry. Noventiq's 3900 employees work in almost 60 countries throughout Asia, Latin America, Eastern Europe and Africa, markets with significant growth potential.

Now we're looking for a Security Delivery Specialist - L3. You'll be a part of our SOC Team at Noventiq India.

Job overview: You'll lead/manage our Security Operations Center team with best practices in the IT industry.

What you'll do:
  • Investigation of cybersecurity incidents, development of response plans and management of SIEM infrastructure.
  • Good understanding of Sentinel and KQL (able to create/fine-tune custom use cases, custom workbooks/dashboards, custom Playbooks for SOAR, and custom reports).
  • Collection and analysis of digital evidence (disk images, memory dumps, network traffic dumps, system logs, malware samples).
  • Malware analysis, obtaining and processing indicators of compromise (IOC).
  • Participation in presale and service development activities and follow-up of ticket closure with the client.
  • Develop custom parsers to parse logs from various sources including firewalls, operating systems, applications etc.
  • Preparation of response/investigation reports, development of recommendations.

Profile requirements:
  • About 3-7 years of prior practical work experience in managing a cyber incident response team (L3 SOC) as a SIEM engineer, identifying and investigating information security incidents.
  • Microsoft/Azure Sentinel experience, or hands-on experience with MDE, Azure AD and Defender O365.
  • Practical experience in cybersecurity incident response (SANS/NIST).
  • Strong knowledge of modern attacker tactics and techniques (TTPs), the main vectors of attacks on corporate infrastructures, and ways to detect and prevent them.
  • Must be able to create/modify standard operating procedures (SOPs) for existing and new use cases.
  • Understanding of the classification of modern malware.
  • Practical experience with SOC products: SIEM (Splunk, ArcSight, QRadar), IRP and digital forensics tools, threat intelligence platforms (TIP), event sources: IDS/IPS, EPP/EDR, NGFW, network analysis packages (NetFlow, Bro/Zeek), operating system and network equipment logs.
  • Understanding of the Azure cloud platform; certifications like AZ-500 and SC-200 would be an added advantage.
  • Skills in working with computer forensics tools: The Sleuth Kit, Volatility, X-Ways, FTK Imager, etc.
  • Strong knowledge of Windows/Linux operating systems.
  • Programming skills in scripting languages (bash, Python or PowerShell) or SQL.
  • Excellent written and spoken English.

Key skills:
  1) Sentinel & KQL expertise (use cases/rules, dashboards, playbooks, reports) and integration of various sources into Sentinel.
  2) The Sleuth Kit, Volatility, FTK Imager, Python, OllyDbg, x64dbg, IDA Pro, Wireshark, ATT&CK.

Optional: Preferred information security professional certifications such as SANS GIAC, Offensive Security, EC-Council.

What we offer:
  • Insurance - Group Medical Coverage, Group Personal Accident, Group Term Life Insurance
  • Rewards and Recognition Program, Employee Referral Program, Wellness Program and CSR Initiatives
  • Maternity and Paternity Leaves
  • Company Sponsored Certification Program
  • Learning/Development Courses, Cross Skill, Mentorship and Leadership Programs
  • Quarterly Performance Feedback Sessions
  • Savings, Investments and Retirement Benefits
  • Flexible Work Hours, Work from Home, Remote Working, Hybrid Working
  • Company Onsite / Fun Events

Don't forget to include your CV and cover letter. We receive a lot of applications, but we try to notice each of our potential candidates.


Job Detail

  • Job Id
    JD3044295
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Bangalore, Karnataka, India
  • Education
    Not mentioned
  • Experience
    Year