- University degree
- 2-5 years’ experience in Information Security.
- Previous experience in Security Operations Center (SOC)
- Experience in any SIEM technologies – LogRhythm (preferred), ArcSight, RSA Envision, Splunk, etc.
- Experience in vulnerability management tools and DLP is an added preference.
- Strong problem-solving and analytical skills, initiative, eagerness to learn and improve, and the ability to work independently within a team structure
- Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously
- Preferred certifications CEH, Security+, Vendor certification.
- Log monitoring and investigation through the SIEM solution in rotational 24x7 shifts.
- Support the Security Operations Centre (SOC) by collaborating in use case development, developing response processes and procedures, and performing continuous process improvements, which may include documentation, mentoring, and/or training sessions.
- Investigate complex events escalated by Security Operations Center (Level 1) analysts.
- Analyze security breaches to determine their root cause
- Understanding of network and endpoint security tools and how they integrate into the SIEM and provide a cohesive view of network incidents and security.
- Conduct proactive threat research and coordinate efforts among multiple business units during response
- Correlate logs from different sources and fine-tune them to decrease the false positive ratio
- Prepare reports by collecting, analyzing, and summarizing information
- Integrate new device sources into the SIEM and conduct continuous health checks of the solution to ensure minimal downtime.
- Configure backups, verify custom reports, manage log source groups and validate log sources
- Review and perform vulnerability assessments
SIEM Tools – ArcSight / RSA Envision, SA / Splunk / IBM QRadar / LogRhythm
VM Tools – Qualys, Nessus, etc.
Programming Skills: Python, or experience in scripting
Certifications (additional preference)
International Security Certifications:
- CEH / CCNA / Security+ / CSA
- ISO 27001 LA / LI
Primary Location: India-Birlasoft Ltd (India)-Hyderabad
Job: Information Security
Organization: Birlasoft Limited
Job Posting: Apr 7, 2021, 6:54:42 AM