Us Citizen
Green Card
EAD (OPT/CPT/GC/H4)
H1B Work Permit
Corp-Corp
Consulting/Contract
UG: Not Required
PG: Not Required
No. of positions: 1
Posted: 17th Dec 2020
Must-Have

Technical:
• 2+ years' experience in Information Security, including experience with security principles and defense-in-depth techniques.
• Monitoring and triaging security alerts and incidents.
• Sound knowledge of Splunk SIEM platforms.
• Functional knowledge of, and administrative experience on, Windows and Unix/Linux platforms.
• Knowledge of security tools, including firewall, IDS/IPS, Network Packet Broker, WAF, and SIEM.
• Strong security experience with the concepts of least privilege, risk management, vulnerability management, identity and access management, access controls, and segmentation.
• Knowledge of DNS, network routing, authentication, VPN, proxy services, cloud, and DDoS mitigation technologies.
• Experience in network security architecture development and definition.

Non-Technical:
• Ability to communicate and collaborate effectively with other team members in a geographically and culturally diverse workforce.
• Expected to complete projects within specified deadlines.
• Expected to work occasional nights, weekends, holidays, and overtime.
• Expected to perform on-call duties.
• Occasional travel may be required.
• Strong sense of professionalism and ethics.

Good-to-Have:
• GIAC certifications such as GISF, GSEC, GCIH, GISP, GDAT, etc.
• Nice to have: CCSP, CCNA.

Responsibilities of / Expectations from the Role:
• Responsible for working in a 24x7 Cyber Security Operation Center (CSOC) environment.
• Provide analysis and trending of security log data from a large number of heterogeneous security devices.
• Provide threat and vulnerability analysis as well as security advisory services.
• Analyze and respond to previously undisclosed software and hardware vulnerabilities.
• Investigate, document, and report on information security issues and emerging trends.
• Integrate and share information with other analysts and other teams.
• Perform other tasks and responsibilities as assigned.
• Work with SIEM administrators to build detections that help proactively identify real-world threats across a broad range of technologies and log sources.
• Work with the incident response team to contain, eradicate, and recover from security incidents.
• Limit immediate incident impact.
• Follow the escalation path as defined.
• Work with users to provide end-user support.
• Monitor/audit user systems and logs to ensure successful eradication.
• Document lessons learned from interesting investigations.
• Support incident triage, incident response, and forensic investigations across endpoints and cloud environments.
• Conduct highly technical examinations of computer-based evidence, including logs, packet captures, SIEM and IDS events, disk forensics, malware analysis, and more.
• Effective and secure handling and storage of computer-based evidence.
• Create and maintain standard operating procedures and CSOC operations playbooks.
• Document incidents from initial detection through final resolution and present the findings to leadership.
• Provide status reports as expected by the customer (including open/closed incidents, weekly highlights, action items, key risks, and issues).
• Provide root cause analysis for critical incidents, with corrective and preventive actions.