HP Arcsight Information Security Incident Management - Trivandrum

HP Arcsight Information Security Incident Management - Trivandrum

Job Description

##

**Posted on:** 5-Sep-2016

**HP Arcsight Information Security Incident Management - Trivandrum**
**Location:** Thiruvananthapuram, Trivandrum

**Experience:** 5 - 15 Yrs

### Major Responsibilities

- Responsible for monitoring and analyzing information security events (unauthorized use or access, fraudulent activities, data leakage, etc.), and initiating information security incident tickets (third level activity, complementary to first and second level monitoring and support in the service desk that performs mainly automated, predefined, and procedure-driven tasks).

#### Information Security Event Monitoring

- Monitoring and analyzing security events in central tools (e.g., ArcSight) as well as unconnected,





local systems (e.g., IPS) on a regular / permanent basis.
- Developing and refining detective controls (e.g., event sinks, filtering rules), partially based on input from Information Security Investigation Coordinators (investigation results and trends).
- Controlling effectiveness of preventive and detective measures (e.g., IPS system).
- Developing and reporting metrics for the overall information security situation (e.g., number of targeted attacks / attempts).

#### Information Security Incident Management

- Initiating information security incident tickets, triggering escalation process if required, and performing initial counter-measures.
- Supporting (and joining) the Information Security Incident Response Team with real-time information on current developments, and pinpointing origin and target of attacks.

#### Information Security Vulnerability Management

- Planning, performing and monitoring vulnerability scans (e.g. using Qualys Guard) and reporting of results.







### Educational & Professional Qualifications

- Graduate degree in computer sciences, or comparable education and knowledge.

**Experience:**
- At least 5 years of working experience in Arc Sight.

**Technical Skills (Mandatory)**
- Experience with security monitoring tools and devices, such as IDS/IPS, AV scanners, security gateways and SIEM solutions (preferably ArcSight).
- Capability to cope with high work load and pressure.
- Preferred Tools: ArcSight, Intrusion Prevention Systems, Qualys, FireEye.

**Functional/Domain Knowledge (If required)**
- Know-how of network and infrastructure security.

**Other skills (Preferable technical skills /Soft skills)**
- Good communication skills as well as self-organization.
- Strong analytical mind.






- Highly motivated to cooperate in a multi-cultural and diverse environment.
- Certification preferred: CEH, ECSA, GCIH.

**Required Skills and Experience**

- **Industry:** IT/Computers-Software.
- **Role:** Senior Systems Engineer.
- **Key Skills:** SIEM, HP ArchSight, Arc Sight, IDS/IPS, AV scanners, security gateways.
- **Education:** B.Sc/B.Com/M.Sc/MCA/B.E/B.Tech.
- **Email ID:** [email protected]