Job requisition ID: 77454
Date: Feb 6, 2025
Location: Mumbai
Designation: Assistant Manager
Entity:
* Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
* Fundamental understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc.
* Active analysis of security vulnerabilities, advisories, incidents, and attack techniques.
* Tuning the SIEM rules to remediate false positive security alerts.
* Creating SIEM rules to fulfill requirements provided by customers in their security use cases.
* As SIEM administrator, maintaining the client's SIEM appliance by making sure all SIEM deployment devices are working properly, efficiently and with the desired performance.
* Informing the L3 team of proactive and reactive actions to minimize false positives.
* Identifying risks to infrastructure and executing plans to reduce them.
* Driving End to End Internal and External Audits for Security infrastructure.
* Performing detailed investigations of security log data events through the SIEM console.
* Security Analysis using Industry standard tools and technologies.
* Preparing a detailed runbook for each use case, to be used in creating the SOAR playbook.
* Knowledge of device integration for log collection and of developing custom parsers for unsupported log source integration.
* Creating security use cases and mapping them in line with MITRE ATT&CK and Cyber Kill Chain phases.
Certification requirements: IBM QRadar Administration / CEH / any cloud admin certification