Job Description
We are looking for an experienced security professional for our 24×7 managed security operations center to work as a Security Consultant. The candidate will be responsible for Incident Handling, Threat Hunting and would be primary security consultants for clients as a part of Managed Detection and Response service.
Responsibilities
- Review & Analyse security events for quality and possible escalations to raise the alarm.
- Follow-up with customers & vendors to resolve open issues
- Security device administration with respect to tuning and enhancing detection capabilities.
- Handling SOC MDR Operational requirements.
- Review and present security reports and ensure compliance to security policies and SLAs as applicable.
- Perform in-depth analysis of events and logs for detecting malicious applications and network activity, common attack techniques that compromise hosts, detecting and analysing system and network vulnerabilities and continuous process improvement by discovering the root causes of incidents
- Work to resolve major security incidents in conjunction with respective resolver groups. Experience configuring security incident and event management tools including creating event filtering and correlation rules and reports.
- Ability to work with customer and product specialists to weed out false positives and improve efficiency of the security operations
- Creation of knowledge base which will be used by SOC analysts for performing their roles.
- Development of customised use cases based on the applicable threats to client infrastructure.
- Creation of ad-hoc reports and Dashboards as per customer requirements
- Leading team of SOC Analyst/Operations team
Essential Skills
- Knowledge & hands-on experience in management of IDS/IPS
- Firewalls, VPN, and other network & security products
- Experience in security Information event management (SIEM) tools such as Qradar, Arcsight, Logrhythm or any other tools.
- Creating basic & advanced co-relation rules
- Should have expertise on TCP/IP network traffic and event log analysis,
- Knowledge of ITIL disciplines such as Incident, Problem and Change Management
- In-depth knowledge of OSI Layers, Internet Protocol, TCP/IP
- Ability to work independently and confidently
- Visio & MS presentation skills
- Excellent problem solving, analytical & communication skills
- Solid communication skills and expertise to translate technical jargon into business familiar language
- Communicate effectively with customers, team-members, and management
