Experience: 3 to 5 years
- Ensure SIEM and underlying security architecture and solutions correctly operate within the stipulated SLA
- Perform ongoing monitoring and threat analysis; analyze logs and network traffic
- Assess threat and vulnerability information from all internal and external sources, promptly apply applicable mitigations, and issue indications and warnings
- Provide Level 2 Support in resolving alerts generated by complex network, endpoint, and log analysis platforms
- Engage with product support to troubleshoot and resolve issues
- Perform periodic vulnerability assessments using both automated and manual tools
- Collate and analyze scan results
- Create a detailed security scan report for each scan performed
- Assign a risk rating to each identified vulnerability
- Provide detailed technical remediation steps for identified vulnerabilities
- The key skills and qualifications for the position include:
- Sound knowledge of the configuration and operation of SIEM solutions (AlienVault, Splunk ES, LogRhythm).
- Knowledge of the configuration and operation of security solutions including firewalls, IDS, internet/web filters, DLP, vulnerability scanners and anti-malware solutions.
- Ability to analyze attacks and security incidents.
- Ability to identify false positives.
- Ability to effectively communicate security issues and concepts
- Knowledge of the configuration and operation of VA/PT tools (Nessus, Metasploit, QualysGuard, Nexpose).
- Knowledge of the OWASP Top 10 and the SANS/CWE Top 25
- Strong understanding of TCP/IP and basic networking concepts
- SIEM (Splunk, LogRhythm or AlienVault) Certification
- GIAC Certified Incident Handler (GCIH)
- Certified Ethical Hacker (CEH)