Experience – 8 to 12 Years.
Job Responsibilities:
– Experience in SIEM platform administration, use case management, threat hunting and leading the SOC incident response team using Azure Sentinel
– Experience in migrating SIEM platforms, onboarding log sources, writing custom parsers, and developing custom dashboards and reports.
– Identify training opportunities for the team to mature into a highly proactive & efficient security response team.
– Monitor multiple security technologies, such as SIEM, IDS/IPS, syslog, file integrity monitoring and vulnerability scanners.
– Work with SOC L1/L2 analysts to identify opportunities for fine-tuning use cases, reducing false positives, and improving dashboards and reports for efficient security operations.
– Manage SLAs for security tickets.
– Be the POC for customer for any enhancement requirements in SOC.
– Enable integration of, and adherence to, multiple vetted sources of emerging security threats, risks and vulnerabilities, assessing each of them thoroughly.
– Establish robust KEDB (known error database) SOPs for security events and incidents, and enable the L1/L2 teams to maintain, update and follow them.
– Run regular mock triage exercises with the SOC team covering its technical approach and processes.
– Design & implement operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
– Provide 24×7 operational support for escalations.
Job Qualifications:
– Proficient in SIEM platform administration and management, use case management, custom role development, custom parser development, dashboards and reports
– Moderate to advanced event analysis leveraging SIEM tools (Azure Sentinel, etc.)
– Moderate incident investigation and response skill set
– Moderate log parsing and analysis skill set
– Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
– Moderate knowledge of malware operation and indicators
– Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc)
– Moderate knowledge of IDS/IPS systems
– Moderate knowledge of Windows and Unix or Linux
– Moderate knowledge of Firewall and Proxy technology
– Basic to Moderate knowledge of penetration techniques
– Basic to Moderate knowledge of DDoS mitigation techniques
– Basic knowledge of Data Loss Prevention monitoring
– Basic experience with scripting
– Basic knowledge of forensic techniques
– Basic to Moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
– Basic knowledge of audit requirements (PCI, HIPAA, SOX, etc.)
– Experienced in mentoring and training juniors
Hands-on experience with tools like:
– ThreatConnect Threat Intelligence Platform
– Azure Sentinel
– RecordedFuture TI feeds
– ZeroFox TI feeds
– PhishLabs TI feeds
▶️ SIEM Expert
🖊️ LTIMindtree
📍 Bengaluru