Location
Bangalore | India
Job description
TCS has always been in the spotlight for being adept in the next big technologies. What we can offer you is a space to explore varied technologies and quench your techie soul.
Job Description:
Must Have:
- Good knowledge of and working experience in central logging, event correlation, security incident management, and SIEM architecture
- Experience in implementation and management of Splunk (SIEM solution), configuration, data onboarding, etc.
- Experience in writing complex correlation rules and log source integration with SIEM
- Implementation, configuration and management of SIEM solution.
- Experience shall include the capability to perform enterprise-wide security assessments.
- Tools and Technologies: ArcSight, McAfee Nitro Security, LogLogic, Splunk
- Security Incident Management and Response experience.
- Firewall, IPS and Proxy management.
- Log source integration with SIEM.
- Experience in writing XML parsers.
- Create, customize and manage dashboards / reports.
- Working experience in alert handling, standard availability and performance report generation.
- Hands-on experience in root cause analysis of post-production performance-related issues.
- Working knowledge of scripting languages
Good to Have:
- DLP, anti-virus and anti-malware
- Use of system tools such as Wireshark, Ethereal, packet analyser, etc.
- Cloud computing
- SaaS models
Responsibility of the Role
- Investigate security events and incidents escalated by SOC Lvl1 and Lvl2 analysts, mitigate the threat and prevent future occurrences
- Proficient in creating SIEM use cases, correlation rules and baselines to monitor malicious activity, IOCs and anomalies
- Work with Splunk Admin to onboard necessary logs
- Integrate threat intelligence and other enrichment feeds to SIEM tool
- Ability to perform Major Incident Management and Incident Response
- Identify and assist in reducing false positive events by tuning Splunk use cases
- Provide tuning and security standards recommendations to AMD Engineers
- Stay abreast of current threats and vulnerabilities, identify and report threats relevant to the environment
- Deep understanding of the ATT&CK matrix, with experience building use cases and SOPs around specified techniques.
Desired Candidate Profile
Qualifications: BACHELOR OF COMPUTER APPLICATION, BACHELOR OF COMPUTER SCIENCE, BACHELOR OF ENGINEERING