Responsibilities:
- Supervise and manage Level 1, L2 and L3 SOC security analysts.
- Identify training opportunities for the team to mature into a highly proactive and efficient security response team.
- Monitor multiple security technologies, such as SIEM, IDS/IPS, syslog, file integrity monitoring and vulnerability scanners.
- Correlate and analyze events using the SIEM tool to detect IT security incidents.
- Manage SLAs for security tickets.
- Be the POC for the customer for any enhancement requirements in the SOC.
- Be the POC for presenting weekly, monthly and quarterly security trends and enhancements to the customer (security officer, CSO, CISO).
- Enable integration with, and adherence to, multiple vetted sources of emerging security threats, risks and vulnerabilities by assessing them thoroughly.
- Establish a robust KEDB and SOPs for security events and incidents, and enable the L1/L2 teams in maintaining, updating and following them.
- Run mock triages of the technical approach and processes in the SOC with the SOC team on a regular basis.
- Design and implement operational processes and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
- Provide 24x7 operational support for escalations.
Qualifications:
- Moderate to advanced event analysis leveraging SIEM tools (Azure Sentinel, QRadar, etc.)
- Moderate incident investigation and response skill set
- Moderate log parsing and analysis skill set
- Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
- Moderate knowledge of malware operation and indicators
- Moderate knowledge of the current threat landscape (threat actors, APT, cyber-crime, etc.)
- Moderate knowledge of IDS/IPS systems
- Moderate knowledge of Windows and Unix or Linux
- Moderate knowledge of firewall and proxy technology
- Basic to moderate knowledge of penetration techniques
- Basic to moderate knowledge of DDoS mitigation techniques
- Basic knowledge of Data Loss Prevention monitoring
- Basic experience with scripting
- Basic knowledge of forensic techniques
- Basic to moderate protocol analysis experience (Wireshark, GigaStor, NetWitness, etc.)
- Basic knowledge of audit requirements (PCI, HIPAA, SOX, etc.)
- Experienced in mentoring and training ju.
Job Requirements: SIEM Azure Sentinel, Security Incident and Event Management, SIEM Solution Documentation
Job Type: Full Time
Location: BANGALORE