- Minimum 8 years of experience.
- Provide technical leadership for the delivery team responsible for L3 incident resolution.
- Hands-on experience in 2 or more of the vulnerability assessment tools and vulnerability lifecycle management.
- Well conversant in Qualys, Tenable, Rapid7 and MS Defender, covering both VM and policy compliance scanning.
- Exposure to the MITRE framework and equivalent; hands-on experience in EDR platforms, threat analysis, and threat hunting/incident response.
- Coordinate SOC efforts across multiple business units during response.
- Contribute towards Technology Transformation and drive automation initiatives.
- Develop, implement and execute standard procedures for the administration, content management, change management, version/patch management and lifecycle management of the SIEM/Log Management platforms.
- Perform hunting exercises using threat intelligence, analysis of anomalous log data, and results of historical events and data to detect and respond to threats.
- Conduct proof-of-concept reviews for new security products.
- Prepare reports, summaries and other forms of communication that may be both internal and client facing.
- Maintaining familiarity with industry trends and security best practices.
- Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives.
- Work/guide on scripting like Python, Perl, Bash and/or Shell scripting.
- Evaluate email security solutions for policies like Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM), and recommend fine-tuning.
- Effectively communicate/present security concepts with both technical and non-technical individuals.
- Author post-mortem reports to be provided to senior leadership following an intrusion or red team engagement.
- Hands-on experience in 2 or more of the SIEM analysis and use case management areas.
- Advocate protection and mitigation strategies to be implemented from lessons learnt exercises
- Strong knowledge and work experience in handling vulnerability assessment on cloud-based architecture using Prisma Cloud, Wiz.io, etc.
- Knowledge of other tools pertaining to CSPM and ASM will be preferred in addition.
- Experience in defining, implementing and consulting for a vulnerability management framework based on enterprise security.
- Overall knowledge of VM process and remediation governance. Ability to work with the business to effectively communicate the risks of identified vulnerabilities and recommend an approach for addressing vulnerabilities.
- Collaborating with stakeholders for remediation and providing updates to customers on a weekly and monthly basis. Working knowledge in SNOW threat monitoring tool and risk-based vulnerability assessment integration platform.
- Development, revision and maintenance of Standard Operating Procedures and other operational documents.
Soft skills
- Shall have good verbal/written communication skills
- Should be willing to work in 24x7 environments
- Incumbent should carry a continual system improvement mindset and be able to demonstrate it in work.
- Should have client-facing technical analysis report representation skills