Sampoorna Consultants Pvt. Ltd

This listing was posted on hirist.

Cyber Security Consultant - Monitoring Tools (4-7 yrs) Bangalore (DevOps)

Location:
Bangalore
Description:

Job Description:

1. Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise, using all available security logs and intelligence sources, including but not limited to:
   - Firewalls (Zscaler, Cisco ASA, Palo Alto, etc.)
   - Systems and network devices
   - Web proxies (Zscaler)
   - Intrusion Detection/Prevention Systems (Zscaler, Cisco ASA, Palo Alto, etc.)
   - Data Loss Prevention (Zscaler)
   - EDR / antivirus systems (CrowdStrike, MDE, etc.)
   - Knowledgebase framework (Confluence)
2. Continuously monitor SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises, including:
   - SIEM tools such as Splunk and Microsoft Sentinel: queue management for the different data sources (network, endpoint, firewall, etc.)
   - Security email inbox (Proofpoint, Rapid7, Area1, etc.)
   - Intel feeds via email and other sources (e.g. NH-ISAC)
   - Incident ticketing queue (ServiceNow)
3. Validate alerts as they come in to eliminate false positives, and use other internal and external data sources to enrich alerts with additional context.
4. Perform triage of service requests from customers and internal teams.
5. Use playbook procedures to carry out standard plays for routine event types, and escalate alerts to Level 2 Analysts for further triage and remediation.
6. Assist with containment of threats and remediation of the environment during or after an incident.
7. Act as a participant in threat hunting activities at the direction of one or more Incident Response Handlers.
8. Document event analysis and write comprehensive reports of incident investigations.
9. Proactively improve security-related operational processes and procedures.
10. Use available security tools for historical analysis as necessary for detected events; for example, historical searches using SIEM tools (Splunk and Microsoft Sentinel).
11. Maintain operational shift logs with relevant activity from the Analyst's shift. Document investigation results, ensuring relevant details are passed to Level 2 or MDR Analysts for final event analysis.
12. Update/reference the knowledgebase tool (e.g. Confluence) as necessary for changes to processes and procedures, and ingest daily intelligence reports and previous shift logs.
13. Conduct research and document events of interest within the scope of IT Security.
14. Alternatively, consulting or advisory experience in Security Operations.
15. Monitor and analyse Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), firewall event logs, the Security Incident and Event Management (SIEM) toolset and other event logs to identify security attacks and threats for remediation/suppression.
16. Validate the IOCs that triggered the original alert.
17. Research additional internal and external data sources for further enrichment of event information.
18. Determine when an event has reached the threshold of an incident, and engage the Incident Response Handler to declare an incident.
19. Create filters, data monitors, dashboards, and reports within monitoring utilities.
20. Troubleshoot security monitoring devices to improve event correlation and performance.
21. Handle high and critical severity incidents as described in the operations playbook.
22. Operational-level experience in some of these domains (not all): security engineering, alert triaging, rule writing, incident response, DFIR, threat intelligence and management, vulnerability management, and security control testing.
23. In-depth knowledge of at least one SIEM platform or security data lake and related processes.

(ref: hirist.tech)
Education/experience:
2 to 5 years
Company:
Sampoorna Consultants
Posted:
June 5 on hirist