SOC Operations - Hyderabad, India - Zensar Technologies

Zensar Technologies

Verified Company

Hyderabad, India

2 weeks ago

Posted by:

Deepika Kaur

beBee Recuiter

SOC OPERATIONS

-

(

0094757

)

Description

Role and Responsibilities

Undergraduate degree or equivalent experience
Minimum 8 yrs of overall experience out of 5 Yrs. of relevant experience in any Information security domain.
Proven expertise of Security Operations (L2/ L3) in Infrastructure Security Services domains.
Ability to resolve issues pertaining to security solutions implemented at client locations.
Working experience on incident response, threat protections, SecOps, identity & Access management & vulnerability management

Technical Skills
Any of the below 2.

SIEM - Skills

Create, modify, and tune the SIEM rules to adjust the specifications of alerts and incidents.
Knowledge Integrating various log sources like Windows, Linux, Pala alto firewall, AWS, Etc.
Work with the customer designated personnel to provide continual correlation rule tuning, incident classification and prioritization recommendations.
Report query adjustments, and various other SIEM configuration activities.
Assist customers to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources.
Work closely with the assigned Managed Services SIEM resources to ensure client s customized Resolve problems related to Network, Device, Policy, connectivity issues etc.
Monitoring and processing various sources to produce actionable intelligence for multiple consumers
Identify new opportunities/threats in the network to improve the security of the network
Monitor and administer enterprise log correlation (SIEM)
Select, design, implement and manage security measures to reduce the risk of loss

VM - Skills

Collecting, analyzing, interpreting, evaluating, and integrating vulnerability data from multiple sources to update existing product
Vulnerability/exploit research and creating signatures for the same
Handle Customer escalations, to identify False-Positive & False-Negative
Actively investigate the latest in security vulnerabilities, advisories, incidents, and provide insights (sources like, Microsoft, Oracle, etc)
Troubleshooting security vulnerability issues/ gaps that arise
Vulnerability data discovery and validation (Data efficacy & Accuracy)
Develop, test and modify custom scripts for vulnerability content
Manually/Automate analyzing new CVE information published

XDR - Skills

Monitor and analyzing Threat hunting, Deep investing on Cortex XDR Alerts, Detection, Incidents.
Troubleshoot and Configure Prevention Policies, Custom IOA Rule Groups, Detections Management, Exclusions, IOC Management, Firewall Policies, Firewall Rule Groups, USB Device Policies, Response Policies, Response Scripts & Files, Containment Policy, Sensor Update Policies.
Should be able to check and utilize all Vulnerability feature in spotlight.

PAM / IDM - Skills

Perform daily tasks that include reconciliation of servers, daily health check of the PAM servers, run daily compliance reports, etc.
Manage Privileged Session Management and associated policies.
Create and manage Platforms, Policies and Safes for Privileged ID's.
Responsible for Privileged User account administration for various platforms including Windows, UNIX, LDAP, Databases.
Manage Service Accounts, Non-Production Accounts, Test Accounts within the vaults.
Develop and maintain documentation for security systems and procedures.
Reporting and Metrics