The candidate must have worked at Level 1 & 2 in performing Event and Incident management activities.
Primary Skills: Tenable & SIEM
IT Security, Host and Network Intrusion prevention systems, Vulnerability Assessment and Management, Application Security, Data Loss Prevention, McAfee EPO/IPS/AV, Websense, SIEM, Anti Malware, Email protection/Anti-spam tools.
Must have working knowledge of at least 4 of the following tools: Nessus, Guardium, Sumo Logic, McAfee IPS, Websense, Tanium, Lieberman.
2nd/3rd level security event management, providing expert commentary on observed and validated events, with diagnosis and possible solutions to the incidents.
Perform configuration optimization on SIEM, VA, and IPS tools to fine-tune correlation rules and signatures and reduce false positives.
Schedule and monitor execution of VA jobs, review and comment on vulnerabilities identified, generate reports, identify trends, and escalate to identified stakeholders. Build and maintain a risk register.
Ensure adherence to security policies, generate periodic reports and provide guidance on access rules optimization to reduce risk.