Location: Bangalore, KA, India
Job ID: 1001174
The security operations team is responsible for ensuring that the confidentiality, integrity and availability of the organization are not impacted. In this role, the individual is expected to develop and maintain a robust SIEM infrastructure. The monitoring of known and unknown threats is directly proportional to the strength of the SIEM monitoring system. The individual is expected to review and monitor different monitoring alarms and provide recommendations for adequate monitoring and response. The individual is also expected to carry out cyber investigations and assess the use of analytics for threat assessments. Extensive interfacing with stakeholders across IT and Business is expected in order to gather information, perform gap assessments and streamline activities as and when required. The individual is expected to have experience in managing external and internal audits and to ensure adherence to client and regulatory requirements in line with organizational policies.
JOB FUNCTIONS AND RESPONSIBILITIES
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.
• Accountable for overseeing data security and financial fraud investigations and ensuring that cases are opened and actioned within the required time frame.
• Provide support to configure, analyze, support, and remediate issues on the SIEM.
• Develop and enhance SIEM rules, threat cases, queries, dashboards, channels and custom lists.
• Assist the junior team members with advanced analysis of SIEM alarms
• Provide thought leadership for improving the SIEM implementations
• Lead the incident management process to ensure a secure environment
• Alert and dashboard creation and reporting
• Security alert monitoring
• Should be aware of the OWASP Top 10 along with the Application Security standards
• Experience in network security will be an added advantage
• Assist in strengthening the email security systems
• Stay up to date with the latest threats, attack vectors and countermeasures
• Must be able to demonstrate a strong understanding of security concepts, best practices and tools.
• Serve as the in-house technical expert on SIEM implementation and architecture
• Strong background in threat intelligence & data enrichment in SIEM
• The ability to collaborate with different teams within the organization for various tasks
• Excellent problem solving, research, and follow-up skills.
EDUCATION / EXPERIENCE
WORK SCHEDULE OR TRAVEL REQUIREMENTS
2pm to 11pm