Job Description

1. Advanced Troubleshooting & Incident Analysis

Perform in-depth analysis of network security incidents (e.g., DDoS, firewall breach attempts, malware communication). Investigate alerts escalated by L1 support. Analyze traffic patterns, logs, and system behavior for potential threats. Use packet analysis tools (Wireshark, tcpdump) to investigate suspicious traffic.

2. Firewall and Network Security Device Management

Implement and manage firewall policies (Palo Alto, Fortinet, Cisco ASA). Review and refine firewall rules to minimize false positives and improve security posture. Perform configuration changes, backups, and rule audits.

3. Incident Response & Mitigation

Act as first responder in critical security incidents. Work with SOC team to contain and remediate threats (e.g., isolate hosts, block IPs, reconfigure ACLs). Coordinate with L3 and Threat Intelligence teams for advanced threat mitigation.

4. Change Management & Implementation

Review and implement network security changes as part of the change control process. Deploy updates, patches, and configuration adjustments in firewalls, IDS/IPS, and VPNs. Test and validate the impact of changes before implementation.

5. Log Analysis & Correlation

Analyze logs from firewalls, routers, switches, IDS/IPS, and SIEM systems (e.g., Splunk, QRadar). Correlate events across multiple systems to identify attack patterns. Hunt for indicators of compromise (IOCs) in network traffic.

6. Tool Optimization & Maintenance

Tune IDS/IPS signatures and firewall rules to reduce noise and increase accuracy. Ensure the health and performance of network security devices. Collaborate on SIEM tuning to improve detection capability.

7. Escalation Point & Support to L1 Team

Act as technical escalation point for L1 team. Guide L1 analysts on SOPs, investigation techniques, and tool usage. Help document new playbooks and update knowledge bases.

8. VPN & Remote Access Support

Configure and troubleshoot site-to-site and client VPNs. Investigate failed VPN connections, authentication issues, and access violations.

9. Security Audits & Compliance

Support internal/external audits by providing logs, reports, and evidence. Ensure compliance with security policies, standards, and regulations (e.g., ISO 27001, PCI-DSS, NIST). Required Skills for L2 Network Security Strong understanding of: TCP/IP, routing protocols, NAT, ACLs Firewall architecture, DMZ, proxy servers IDS/IPS concepts, VPN, IPSec, SSL.
Job Types: Full-time, Permanent

Pay: ?500,000.00 - ?550,000.00 per year

Benefits:

Health insurance Life insurance Paid sick time Provident Fund
Schedule:

Day shift
Work Location: In person