Job Description :
Please share years of experience on required skills:
Skill Set Needed: Security Operations Analyst Engineer - order of importance is Splunk cloud and Splunk ES (enterprise security), Qualys
- Experience with Splunk cloud and Splunk ES (enterprise security)
- Experience with Vulnerability scanning ( looking at Qualys & Tenable)
- Security ops reporting
- Palo Alto
- Phish Me
- MS Active Directory
- Cisco routers and switches
Work to be Conducted:
Develop and maintain security analytics/metrics for effective measurement of operations volumes across various vendors and platforms
Perform complex security event log monitoring and analysis for applications and infrastructure both on- and off-site; coordinating with several business partner interfaces to
identify possible threats to network security
Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation and future avoidance
Support critical, sensitive incidents
Support vulnerability and patch management program including metrics and reporting
Participate in security technology evaluation/selection processes and various security implementation projects as necessary
Collaborate and support various internal technology teams and service providers on security related issues and provide guidance and recommendations as necessary
Assist with real-time security incident handling and tracking (e.g., intrusion correlation/tracking, threat analysis, and direct system remediation) tasks to support Incident Response Team
Works with end users to determine needs of individual departments, implements policies or procedures, and tracks compliance through the organization
Keeps immediate supervisor well-informed of internal and external daily, weekly and project activities, recommendations, and corrective actions related to the overall information security of the organization.
Technical writing/creation of formal documentation such as architecture diagrams, technical designs, and SOPs.
Assist with the coordination involved in the performance of all forms of security testing including penetration test, compromise assessments and vulnerability scans.
Assist with quarterly or annual security tasks such as account reviews, clean desk policy audits, health check of applications such as Splunk
Serve as lead Project Manager for new implementations, service enhancements, vendor integrations, etc