Team Leader - Security Operations Center; an MNC Consulting Firm, Gurgaon
Experience: 5-10 Years
Compensation: 15L-17L
Education: BE/B.Tech(Computer Science/IT) / MCA
Industry Type: Consulting
Posted Date: 27-Jul-16
Job Description & Candidate Profile
Responsible for handling all security alerts – Review the alerts and handle them as per the process. This involves working with different groups and ensuring that all alerts are closed in a timely manner. Also contribute to process improvements.
Investigate, analyze and contain malware incidents – Includes performing computer forensic investigations
Responsible for patch management process
Performing security impact analysis for the patches and vulnerabilities published by vendors and other security research sites for the platforms in use (operating systems, web servers and network devices)
Defining priority for the patch rollout and ensuring patches are rolled out in a timely manner
Scanning the systems and other platforms to validate that the patches have been applied, and following up with the various teams to address any gaps
Responsible for conducting internal VAPT, compile executive summary for senior leadership and coordinate remediation.
SIEM solution management and maintenance:
Ensure health of underlying architecture
Create ruleset and alerts to cover the current threat landscape
Remediate alerts generated by the system
Manage vendor relationship with OEM
Security Log Analysis – Monitor and analyze the logs from various security tools and correlate events
Compile Security Metrics - Automate management reports based on information generated from the different security tools, and compile security and efficiency metrics for management review.
Collaborate with different groups to ensure that their requirements and new initiatives adhere to information security policies and best practices
Perform device reviews to ensure compliance with hardening standards, access controls and security related configuration settings
Prepare and update security documentation including security procedures, standards, notifications and alerts in support of other teams within the EgonZehnder Security department.
Assist in writing best practice procedures for the following services: Incident analysis, Incident response coordination, security audits or assessments, certificate authority, log analysis & diagnostics, and host vulnerability scanning
Skills and Attitude Required:
Prior work experience in SOC or NOC environment
Should be able to conduct advanced forensics, including packet-capture analysis with tools such as Wireshark and Netmon
Knowledge and experience of configuration and operation of SIEM Solutions
Expert knowledge of the configuration and operation of security solutions including firewalls, IDS, Internet filters, DLP, vulnerability scanners and anti-malware solutions
Strong analytical and problem solving skills
Excellent communication skills both verbal and written
Knowledge of various regulatory and compliance standards, e.g. ISO 27001
Experience in evaluating and implementing new tools and solutions by working directly with the vendor
Education - BE/B.Tech(Computer Science/IT) / MCA
Experience - 5-10 years of experience in Security Operations domain
Relevant Professional Qualifications
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
Global Information Assurance Certifications (GIAC) e.g. Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIA), Certified Enterprise Defender (GCED)