- Conduct risk based vulnerability assessments and penetration tests on network and applications.
- Continuous fine-tuning of our security solutions to improve the security posture of the company.
- Monitor and analyze trends, security logs and alerts from DLP, IDS/IPS, firewalls and other network appliances, Linux servers, WAFs, DDoS protection, API attack detection, proxies, anti-virus, identity management and endpoint protection, in order to identify and mitigate security incidents.
- Continuous review of Indicators of Attack (IoAs) and Indicators of Compromise (IoCs).
- Perform platform health checks to ensure that our security solutions are operating effectively and efficiently.
- Continuous improvement to reduce threat exposure time in our environment through automation and process simplification.
- Monitor US-CERT, Security Focus, NIST notifications to evaluate latest security trends, evolving threats, risks and vulnerabilities.
- Respond to and lead activity during security incidents, including network attacks, zero-day vulnerabilities and other major security events: establish business impact, advise on how to contain the incident, and perform root cause analysis for future prevention.
- Manage applications and tools supporting incident response, event management, data protection, and vulnerability scans.
- Keep SOC documentation, processes and procedures updated.
- Development of data and metrics for compliance reporting.
- Resolve problems independently and understand escalation procedures.
- Write Linux and Python scripts for automating day to day tasks.
- Perform other duties as assigned.
- Hands-on experience with Security Information and Event Management (SIEM) tools, log analysis, creation of basic correlation rules, and administration of SIEM.
- Hands-on experience managing Kali Linux, IDS/IPS, firewalls, threat intelligence platforms, and other security products.
- Hold vendor-specific certifications such as CCSE, CEH, CISSP.
- Strong critical thinking and problem-solving skills.
- Passion for information and data security.
- Detail-oriented with strong organizational skills.
- Excellent troubleshooting skills.
- Excellent verbal and written communication skills.
- Proactive, self-managed, and able to interface well with technical teams across the organization.
- 4-6 years of experience.
- Splunk, Nexpose, Nessus & Kali Linux, Panda framework