Job Seekers, Please send resumes to email@example.com
Minimum 5 years of experience in security incident response, vulnerability management and security operations
- Able to work with minimal supervision, self-motivated, and able to manage stakeholders
- Excellent knowledge of advanced incident analysis and investigation techniques, applied to contain and resolve security incidents
- Able to collect and analyze detailed host information through host monitoring tools, including command-line tools where necessary
- Experience working in a risk-based environment, including mitigation planning and implementation
- Able to collect and analyze detailed enterprise logs using Splunk, including collecting logs directly from systems; experience with L1 (first-level) malware analysis
- Deep understanding of common attack vectors: DDoS attacks, phishing attacks and malware
- Analyze security-related events, user submissions and detected alerts using the SIEM and the native management consoles of the various security tools
- Perform initial triage of those events using established processes to determine criticality, and perform containment/corrective actions
- Record triage activities in the security incident response system
- Use Splunk (SIEM) effectively to triage events, including its search capabilities
- Multi-domain architectural knowledge/exposure is desired: Windows, Linux, network, proxies, email gateways, Tanium, FireEye, Symantec; able to use tools such as Wireshark or equivalents; experience with security alert monitoring using Splunk or other SIEM tools
- Vulnerability scanning using Qualys or another tool; experience with vulnerability remediation, qualifying new vulnerabilities and their impact on the environment, and patch governance
- Others: must be able to build relationships with internal/external stakeholders to drive security incidents to resolution; should be comfortable working with onsite/offshore teams and providing technical guidance/leadership to offshore teams
- Articulate client requirements to the internal team/developers to arrive at a defined project scope