MakeMyTrip
Location
Gurgaon | India
Job description
Role & responsibilities Analyze existing cyber security systems, processes, and policies to detect & respond to the threats and risks in our Mission Control SOC. Manage the SIEM solution (Preferably Microsoft Sentinel) including Logs Ingestion, Rule/Policy creation, fine tuning and SOAR Monitor and actively investigate security events and manage incident response investigations across a range of computing environments, platforms and applications, including Windows, Mac, and Linux-based operating systems. Need to have good knowledge about cyber security concepts including familiarity with common attack methodologies, tactics and protocols, hacker activities, to help perform kill chain analysis and correlate alerts from various log sources. Good understanding of Endpoint security like EDR, DLP, Zero Trust is add-on Knowledge of Networking and Cloud infrastructure technologies, WAN/LAN, TCP/UDP concepts, firewalls, NIDS, IPS. Keep track of latest evolving technologies in the world & leverage them to drive innovation inside the organization. Preferred Profile 2-6 years of hands-on experience in Security domain, preferably in hyper scale cloud based e-commerce environment. Understanding of possible attack activities such as network probing/scanning, DDOS, malicious code activity, using threat intelligence for detection & mitigation. Strong experience in leveraging Next gen SIEM with SOAR/XDR capabilities to detect & investigate the cyber security incident and reporting in defined template. Knowledge of Active Directory (AD) concepts, AD event logs is huge plus Good understanding of web concepts like REST Framework, Request Headers, Cookies, DNS, Firewalls Experience in using tools like TCPDUMP, Wireshark, Packet Tracer, NMAP Knowledge & experience in scripting & automation using any language is a big plus. Strong Analytical, interpersonal and oral/written communication skills with ability to manage multiple stakeholders
Job tags
Salary
