Layer: P2A

Role Competencies

Technology

1. Must have worked in a Security Operations Center (SOC) environment, with at least 2-4 years of experience using SIEM tools, preferably Splunk, with emphasis on data correlation and understanding the impact of the alerts.
2. Must have hands-on experience in security event monitoring, event analysis, investigation and mitigation.
3. Good to have experience in monitoring or managing antivirus, preferably TrendMicro Antivirus.
4. Should understand the definition of the corporate security policy and suggest improvements to the policy regarding SIEM / VA / antivirus etc. Should understand the impact of the security policy and communicate it back to the customer.
5. Should be able to do event correlation on the alerts from various security monitoring tools.
6. Must have basic knowledge of networking.
7. Network Fundamentals: Understand hardware classes from multiple vendors.
8. Should be able to understand and explain scenarios, have working knowledge of all network protocols and be able to troubleshoot them. Install, configure and troubleshoot Cisco Router.
9. WAN Topologies: Explain scenarios, have working knowledge of, and be able to troubleshoot the functions and operations of gateway redundancy protocol (i.e., HSRP, VRRP, NSRP and GLBP) configurations.
10. Routing / Switching: Configure and verify router hardware and software operation using all commands. Strong knowledge of all protocols.
11. Internetworking: Configure and verify Firewalls, VPN, IDS, IPS and UTM devices' hardware and software operation using all commands. Strong knowledge of all functionalities of Plugs / policies / Public Private security authentications.
12. Network Security: Configure and verify Firewalls, VPN, IDS, IPS and UTM devices' hardware and software operation using all commands. Strong knowledge of all functionalities of Plugs / policies / Public Private security authentications.
13. Tools: Basic knowledge of monitoring tools, parameters being monitored and alerting mechanism.

MAIN RESPONSIBILITIES AND ACTIVITIES

1. Willing to work in shifts 24x7.
2. Should have good oral and written communication skills.
3. Troubleshooting: Analyze problems with the service and resolve the issues. Gather information from customers either by chat or e-mail to enable effective troubleshooting. Troubleshoot and repair hardware and software problems with desktop and laptop computers, Personal Digital Assistants (PDAs), printers, digital scanners and other network equipment. Report issues to vendor / ISP / carrier and follow up on updates. Escalate issues as per the Escalation Matrix. Install / uninstall various software and upgrade equipment when necessary. Monitor and maintain / reduce the queue size. Resolve technical issues at Level 1 (Incident and Service Request).
4. Hardware and Software Management: Monitor CPU, memory and hard disk utilization. Monitor the event viewer and generate reports. Provide New Desktop Installation and Software Installation Reports. Make team members aware of any changes or scheduled activities so that effective follow-up is possible. Update the latest anti-virus on servers, monitor the anti-virus patches on servers and desktops, and generate reports. Track the assets issued to users and maintain a database report of assets. Update the KB and CMDB whenever there is a need. Handle backup activities on a daily, weekly and monthly basis. Generate reports on all backup activities.
5. Process Compliance: Gather information from vendor and customer and update the tickets regularly as per the defined process. Prepare a detailed report on the plan of action for the existing tickets for the next shift engineer (Shift Handover Report). Follow the various Escalation Matrices (Vendor, Internal and Customer defined). Ensure tickets are closed post user / customer communication. Maintain inventory of PC equipment with the Asset Executive. Special focus on Power User calls. Constantly track tickets for SLA adherence and escalate on deviations as defined in the process. Comply with defined processes and update tickets with SLA.