Act as a lead throughout incident scenarios and provide subject matter expertise in cybersecurity incident response
Conduct host-based and network forensics, log analysis and malware triage supporting incident response
Work with application owners to determine log-based monitoring requirements and develop rules in Splunk to detect anomalies
Execute incident response process when a security incident has been declared
Services monitored and delivered include, but are not limited to, SIEM, IDS/IPS, Firewall, Web Content Filtering, Data Leak Prevention (DLP), Proxy, and Security Event Correlation and Reporting to appropriate Tier 2 incident handling staff or relevant sources to determine increased risk to the business
Work closely with the rest of the Corporate IT (CIT) Security team to ensure all security protection measures, policies, and procedures, including general IT standards, are implemented and functioning as planned globally