JobNob

Cyber Security Analyst


ThoughtFocus


Location

Bangalore | India


Job description

ONLY IMMEDIATE JOINERS (0-7 DAYS). Should be open to work in rotational shifts.

Candidates with less than 5 years of experience in cybersecurity will not be considered.

Responsibilities

· Support a 24/7/365 Security Operations Center and monitor security tools
· Provide Tier 1 response to security incidents
· Respond to cybersecurity events and incidents caused by internal and external threats to our clients, coordinate response activities with various stakeholders, and recommend mitigation strategies
· Handle incidents as defined in playbooks and standard operating procedures, and advise on remediation actions
· Perform deep-dive incident analysis by correlating data from various log sources and determine if a critical system or data set is affected
· Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and secured networks to integrate with the SIEM platform
· Triage emerging threats to protect assets and information in client environments
· Present reports and produce communications to senior analyst
· Identify risk areas that will require vulnerability prevention
· Stay current with security technologies and make recommendations for use based on business value

Requirements

· Experience on an incident response team performing Tier I/II initial incident triaging and escalating to senior team members as and when necessary
· Experience on SIEM platforms such as AlienVault, IBM QRadar, ArcSight or LogRhythm
· Threat hunting experience using SIEM, EDR and other tools
· Experience working on email security solutions such as Microsoft, Mimecast, Proofpoint
· Experience and knowledge of public cloud environments, specifically AWS and Azure
· Experience in monitoring and triaging alerts in endpoint protection solutions such as Cylance, Carbon Black, or CrowdStrike
· Linux command line experience
· Knowledge of regular expressions and data normalization
· Understanding of network protocols coupled with experience with web proxies, web application firewalls, and vulnerability assessment tools
· Experience working in a team-oriented, collaborative environment with a high level of analytical and problem-solving abilities
· Positive attitude with strong oral and written communication skills
· Knowledge of IP networking and network security including Intrusion Detection
· Familiarity with common network vulnerability/penetration testing tools
· Familiarity with service management software such as ServiceNow
· Experience supporting clients
· Ability to anticipate and respond to changing priorities and operate effectively in a dynamic demand-based environment requiring flexibility and responsiveness to client matters and needs

Qualifications/Education

· BS/BA in Information Security, Computer Science or related engineering discipline, preferred
· 5-8 years of experience in a Security Operations Center or Cyber Security Incident Response Teams (security, networking, systems, etc.)
· Financial services industry experience is a plus
· Managed security service provider (MSSP) experience is a plus

Certifications

Certifications or work toward any of the following is strongly desired:

· CompTIA Security+
· CEH (Certified Ethical Hacker)
· CompTIA Network+
· Microsoft Certified Solutions Associate (MCSA)
· GIAC Certified Incident Handler (GCIH)
· GIAC Certified Intrusion Analyst (GCIA)
· GIAC Certified Forensic Analyst (GCFA)
· GIAC Certified Forensic Examiner (GCFE)
· GIAC Network Forensic Analyst (GNFA)
· Cisco Certified Network Associate (CCNA)

