Security Operations Center Specialist

RighTel

Published 3 years ago

Job Description

- Monitor, review, and investigate events generated by the SIEM on a daily basis.
- Create trouble tickets for reported issues.
- Initial classification & severity labeling of each new incident.
- Develop and deploy IDS signatures based on various threats.
- Investigate triggered signatures from various security tools and appliances to identify threats and false positives.
- Recognize potential, successful and unsuccessful intrusion attempts and perform careful analyses of relevant event detail and summary information.
- Write custom scripts to automate certain tasks.
- Perform vulnerability scanning to discover and analyze vulnerabilities and characterize risks to information system components.
- Recommend appropriate remedial actions to mitigate identified security vulnerabilities.
- Write both technical and executive incident reports.

Requirements

Experience

- Minimum 3 years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM tools, and malware triage.
- Requires technical knowledge of information security standards and protocols, as well as an understanding of cyberspace threats and vulnerabilities.
- Experience in deploying IDS/IPS technologies.
- Experience in deploying and operating vulnerability scanning infrastructure and services.
- Strong knowledge of SIEM tools.
- Candidate should be able to write advanced SIEM queries and create reports.
- Candidate should be able to monitor and track multiple issues simultaneously.
- Candidate should be able to present analysis results and findings in an organized and professional manner.

Attitude

- Excellent teamwork skills
- Strong negotiator
- Self-motivated
- Self-management

Employment type

- Ability to work in shifts (24*7)
