Security Consultant SOC/SIEM Job in Essenvision Software
Security Consultant SOC/SIEM
- Mumbai, Maharashtra
- Not Disclosed
- Full-time
Role and Responsibilities
- Create, modify and tune SIEM rules to adjust the specifications of alerts and incidents.
- Work with customer-designated personnel to provide continual correlation rule tuning, incident classification and prioritization recommendations, report query adjustments, and other SIEM configuration activities.
- Assist customers to fully optimize the SIEM system's capabilities as well as the audit and logging features of the event log sources.
- Work closely with the assigned Managed Services SIEM resources to ensure the client's customized solution is functioning optimally and is continuously tuned to the client's needs.
- Collaborate with a variety of customers in a polite, positive and professional manner.
- Resolve problems related to network, device, policy and connectivity issues.
- Monitor and process various sources to produce actionable intelligence for multiple consumers.
- Identify new opportunities and threats in the network to improve the security of the network.
- Continuously evaluate existing sources for value and support decision-making related to the future use of those sources.
- Mentor and develop less experienced team members.
- Support the creation and implementation of new processes as appropriate.
- Stay current on cyber security best practices, news, issues, vulnerabilities and threats (specifically as they apply to the financial industry).
- Support relationships with partner teams.
- Fulfil routine and ad-hoc reporting requests.
- Monitor project delivery success metrics and work with teams to take corrective actions.
- Ensure team adherence to Key Performance Indicators (KPIs).
- Act as a subject matter expert and liaison to the business to introduce, implement and ensure that client and business objectives are continually met.
- Monitor and administer enterprise log correlation (SIEM).
- Select, design, implement and manage security measures to reduce the risk of loss.
- Evaluate and develop approaches to solutions.
- Perform analysis of suspicious URLs, emails, network anomalies and binaries.
- Identify current attacks using internal tools or intelligence sources to provide in-depth analysis of any current or prior attacker activity in support of other groups.
- Analyze and investigate, providing explanations and interpretations within the area of expertise.

Qualifications and Education Requirements
- Undergraduate degree or equivalent experience.
- Minimum 5 years of total experience, with 3+ years of relevant experience in any SIEM product (ArcSight, QRadar, LogRhythm, Splunk ES, McAfee, SolarWinds, DNIF, etc.).
- Proven expertise in Security Operations (L1/L2/L3) within Infrastructure Security Services domains.
- Ability to resolve issues pertaining to security solutions implemented at client locations.

Preferred Skills
- Basic knowledge of Risk, Incident and Change Management.
- Basic knowledge and understanding of the OWASP Top Ten.
- Experience with SIEM tools and technologies, such as ArcSight, LogRhythm, McAfee ESM, IBM QRadar and/or similar tools.
- Experience using intelligence analysis tools.
- Knowledge of data correlation techniques.
- Knowledge of processes, procedures and methods to research, analyze and disseminate open source intelligence information.
- Demonstrated critical thinking and problem solving skills.
- Proven communication skills, both written and verbal, to both business and technology audiences.
- Ability to work and influence successfully within a matrix-driven environment and build effective business partnerships with all levels of team members.
Fresher
2 - 4 Hires