Job Description:
Technical skill sets:
Excellent understanding of common network services and network attack patterns
Excellent understanding of malware and intrusions
Hands-on experience in at least one of the following technologies (Firewalls, Antivirus, SIEM)
Excellent communication and documentation skills.
Define and develop metrics for executive leadership
Understand various compliance and regulatory requirements

Job Roles:
Interact with customer to understand requirements.
Track security incidents and follow up till closure including data exfiltration and breaches.
Perform incident response and forensic investigations across all events escalated from the L2 Triage team
Perform root cause analysis using firewall, SIEM and Antivirus logs
Proficiency in creating relevant Standard Operation Procedures and Incident Response Playbooks.
Leverage threat intelligence to ensure proactive detection and mitigation of known threats.
Define and develop metrics for executive leadership.
Create, maintain and update risk register.
Create daily, weekly and monthly reports
Perform trend analysis and propose remediation actions.
Prepare reports on threat mitigation performed and monitored alerts.
Prepare reports & distribute in readiness for Customer tuning calls

Process requirements:
Adheres to standard operating procedures / work instructions
Should be comfortable working in 24*7 environments including weekends
Provides inputs to modify/update/design standard operating procedures / work instructions
Follow the escalation process
Follow the shift hand-over process
Update the knowledge base
Technically upgrade across versions of environment when required
Managing independent shifts
Complies with regulatory requirements
             
