4 to 6 years of industry experience with Information Security Incident Management.
Participate in 24/7 IT Security Operations that monitor for and provide 1st/2nd level response to security events in a large enterprise.
Review and analyze SIEM security events from various monitoring and logging sources, as well as associated network traffic, to identify and/or confirm suspicious activity.
Proven ability to identify security threats, exploits, and attack vectors, and the skills to perform investigation and remediation.
Demonstrate a strong knowledge of, and ability to communicate about, the information security threat landscape.
Working experience with ArcSight, proxy tools, DLP, and Windows, UNIX, and application logs.
Working experience in a network security environment, such as a Security Operations Center (SOC), Security Incident Response Team (SIRT), or Computer Security Incident Response Center (CSIRC) investigating targeted intrusions through complex global network segments, preferred.
CEH, ESCA, Firewall, Others
Additional Required Skills:
Candidate must have strong analytic skills for problem analysis and resolution.
Candidate must have excellent oral and written communication skills.
Candidate must have self and project management skills to maintain timely deliverables.
Roles / Responsibilities:
Along with performing Security Incident Management & Monitoring, the candidate should be able to contribute to evolving process and procedure change requirements, documentation, reporting, and remediation proposals. Must be able to exhibit strong communication and collaboration skills, as well as time and project management skills.
Instill customer confidence by working with prospects at both a technical and business level.
Should be able to identify security concerns and improvements for a large enterprise.
Generate innovative approaches and solutions to recurring tasks or problems.
Contribute to practice development by creating reusable components and sharing key project learnings within the practice.
MCA / BE / B Tech