Monitoring and analysis of cyber security events using Securonix / QRadar (SIEM), Cyware TI, Palo Alto SOAR and other tools.
Minimum of 7 years of experience in Cyber security
At least 5 years of working in the SOC
Proficient in Incident Management and Response, handling escalations
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Responsible for working in a 24x7 Security Operations Centre (SOC) environment.
Provide analysis and trending of security log data from a large number of heterogeneous security devices
Provide threat and vulnerability analysis as well as security advisory services
Analyse and respond to previously undisclosed software and hardware vulnerabilities
Investigate, document, and report on information security issues and emerging trends
Guide and share information with other analysts and other teams
Other tasks and responsibilities as assigned
Knowledge of various operating system flavours including but not limited to Windows, Linux, Unix
Knowledge of TCP/IP protocols, network analysis, and network/security applications
Knowledge of common Internet protocols and applications
Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences
Knowledge of various tools such as SIEM, SSL, packet analysis, HIPS/NIPS, network monitoring tools, Remedy, ServiceNow ticketing toolset, web security, AV, UEBA, Advanced SOC
Integration of PCAP and NBA solutions and detailed investigation of network packet captures.
Working knowledge of the big data family of tools, including SQL querying.
Proven knowledge of Network Anomaly detection and real time incident reporting
Proven knowledge of incident forensics and correlation of packets captured using PCAP and NBAD tools
Manage backup, archiving and restore of PCAP data.
Generate reports and highlight compromises
Manage PCAP and NBAD tools; maintain and update the tools
Strong operating system and network troubleshooting skills