Job Description
• Monitor, review, and investigate events generated by the SIEM on a daily basis. • Create trouble tickets for reported issues. • Initial classification & severity labeling of each new incident • Develop and deploy IDS signatures based on various threats. • Investigate triggered signatures from various security tools and appliances to identify threats and false positives. • Recognize potential, successful, and unsuccessful intrusion attempts and perform careful analyses of relevant event detail and summary information. • Write custom scripts to automate certain tasks. • Perform vulnerability scanning to discover and analyze vulnerabilities and characterize risks to information system components. • Recommend appropriate remedial actions to mitigate identified security vulnerabilities.
Requirements
• A Bachelor's Degree in Computer Science, Information Technology or Information Security (Master's Degree preferred). • Minimum 3 years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM tools, and malware triage. • Requires technical knowledge in Information security standards and protocols, as well as an understanding of cyberspace threats and Vulnerabilities. • Experience in deploying IDS/IPS technologies. • Experience in deploying and operating vulnerability scanning infrastructure and services. • Strong knowledge of SIEM Tools. • Candidate should be able to write advanced SIEM queries and create reports. • Candidate should be able to monitor and track multiple issues simultaneously. • Candidate should be able to present analysis results and findings in an organized and professional manner.
Employment Type
- Full Time
Job Category
Seniority
Details
Employment type
- Full Time
Job Category
Seniority
