Experience – 8 to 12 Years.
Job Responsibilities:
– Experience in SIEM platform administration, use case management, threat hunting and leading the SOC incident response team using Azure Sentinel
– Experience in migrating SIEM platforms, onboarding log sources, writing custom parsers, and developing custom dashboards and reports.
– Identify training opportunities for the team to mature into a highly proactive & efficient security response team.
– Monitor multiple security technologies, such as SIEM, IDS/IPS, syslog, file integrity monitoring and vulnerability scanners.
– Work with SOC L1/L2 to identify opportunities for fine-tuning use cases, false positives, dashboards and reports for efficient security operations.
– Manage SLAs for security tickets.
– Be the POC for the customer for any enhancement requirements in the SOC.
– Enable integration with and adherence to multiple vetted sources of emerging security threats, risks and vulnerabilities by assessing them thoroughly.
– Establish robust KEDB SOPs for security events and incidents and enable the L1/L2 teams to maintain, update and follow them.
– Run mock triages of the technical approaches and processes in the SOC with the SOC team on a regular basis.
– Design & implement operational processes and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
– Provide 24×7 operational support for escalations.
Job Qualifications:
– Proficient in SIEM platform administration and management, use case management, custom role development, custom parser development, dashboards and reports
– Moderate to advanced event analysis leveraging SIEM tools (Azure Sentinel, etc.)
– Moderate incident investigation and response skill set
– Moderate log parsing and analysis skill set
– Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
– Moderate knowledge of malware operation and indicators
– Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc)
– Moderate knowledge of IDS/IPS systems
– Moderate knowledge of Windows and Unix or Linux
– Moderate knowledge of Firewall and Proxy technology
– Basic to Moderate knowledge of penetration techniques
– Basic to Moderate knowledge of DDoS mitigation techniques
– Basic knowledge of Data Loss Prevention monitoring
– Basic experience with scripting
– Basic knowledge of forensic techniques
– Basic to Moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
– Basic knowledge of audit requirements (PCI, HIPAA, SOX, etc.)
– Experienced in mentoring and training juniors
Hands-on experience with tools like:
– ThreatConnect Threat Intelligence Platform
– Azure Sentinel
– RecordedFuture TI feeds
– ZeroFox TI feeds
– PhishLabs TI feeds
▶️ SIEM Expert
🖊️ LTIMindtree
📍 Bengaluru