Location: Bangalore, KA, India
Job ID: 1002993
POSITION TITLE: Team Lead, Information Security
Security operations team is responsible for ensuring that the Confidentiality, Integrity and availability of the organization is not impacted. In this role, individual is expected to develop and maintain a robust SIEM infrastructure, Alert monitoring and Incident Management. The monitoring of the known and unknown threats is directly proportional to the strength of the SIEM monitoring system. The individual is expected to review and monitor different monitoring alarms and provide recommendations for adequate monitoring and response. The individual is also expected to carry out Cyber Investigations and assess use of analytics for threat assessments. Extensive interfacing with MSP and stakeholders across IT and Business is expected to gather information, perform gap assessments, and streamline activities as and when required. Individual is expected to have experience in managing external and internal audits and ensure adherence to client and regulatory requirements in line with organizational policies
• Investigate security breaches and other cybersecurity incidents. Document security breaches and assess the damage they cause.
• Develop and enhance SIEM rules, use-cases, log source integration, log parsing, queries, dashboards, channels and custom rules.
• Provide support to configure, analyze, and remediate issues on the SIEM.
• Investigate suspicious activities, contain and prevent them. Correlate and validate alerts. Analyze these events within the network environment of the business, and coordinate response activities with key staff in real time.
• Understanding of security technologies including Anti-Malware, EDR, Web Security, IPS/IDS, Firewalls, Threat Intelligence etc.
• Assist the junior team members with Advanced analysis of alerts from various security tools.
• Lead the incident management process to ensure a secure environment.
• Act as an escalation contact for MSP.
• Experience in network security will be an added advantage
• Stay up to date with the latest threats, attack vectors and countermeasures
• 7-9 years of progressive experience in SIEM Implementation/Administration, Alert Monitoring and Incident Management.
• Hands-on experience with Rapid 7 SIEM will be an added advantage.
• Bachelor's degree from an accredited college / university. Management degrees MS, M. Tech in relevant field would be an added advantage.
• Preferred Certification:
o Any SIEM certification will be an added advantage
o Certified Ethical Hacker (CEH)
• Demonstrated experience in conducting security investigations
Work Schedule: 2 PM to 11 PM / 5 PM to 2 AM