SOC Operations - Hyderabad, India - Zensar Technologies
SOC OPERATIONS - (0094757)
Description
Role and Responsibilities
- Undergraduate degree or equivalent experience
- Minimum 8 years of overall experience, of which at least 5 years of relevant experience in any information security domain.
- Proven expertise in Security Operations (L2/L3) within the Infrastructure Security Services domain.
- Ability to resolve issues pertaining to security solutions implemented at client locations.
- Working experience in incident response, threat protection, SecOps, identity & access management, and vulnerability management.
Technical Skills
Any two of the skill areas below.
SIEM - Skills
- Create, modify, and tune the SIEM rules to adjust the specifications of alerts and incidents.
- Knowledge of integrating various log sources such as Windows, Linux, Palo Alto firewalls, AWS, etc.
- Work with the customer designated personnel to provide continual correlation rule tuning, incident classification and prioritization recommendations.
- Perform report query adjustments and various other SIEM configuration activities.
- Assist customers to fully optimize the SIEM system's capabilities as well as the audit and logging features of the event log sources.
- Work closely with the assigned Managed Services SIEM resources to ensure the client's customized
- Resolve problems related to network, device, policy and connectivity issues, etc.
- Monitor and process various sources to produce actionable intelligence for multiple consumers.
- Identify new opportunities and threats in the network to improve its security.
- Monitor and administer enterprise log correlation (SIEM)
- Select, design, implement and manage security measures to reduce the risk of loss.
VM - Skills
- Collect, analyze, interpret, evaluate and integrate vulnerability data from multiple sources to update the existing product.
- Vulnerability/exploit research and creation of signatures for the same.
- Handle customer escalations to identify false positives and false negatives.
- Actively investigate the latest security vulnerabilities, advisories and incidents, and provide insights (from sources such as Microsoft, Oracle, etc.).
- Troubleshoot security vulnerability issues/gaps that arise.
- Vulnerability data discovery and validation (data efficacy and accuracy).
- Develop, test and modify custom scripts for vulnerability content.
- Manually or automatically analyze newly published CVE information.
XDR - Skills
- Monitor and analyze threat hunting activity; perform deep investigation of Cortex XDR alerts, detections and incidents.
- Troubleshoot and configure Prevention Policies, Custom IOA Rule Groups, Detections Management, Exclusions, IOC Management, Firewall Policies, Firewall Rule Groups, USB Device Policies, Response Policies, Response Scripts & Files, Containment Policy and Sensor Update Policies.
- Should be able to check and utilize all vulnerability features in Spotlight.
PAM / IDM - Skills
- Perform daily tasks that include reconciliation of servers, daily health checks of the PAM servers, running daily compliance reports, etc.
- Manage Privileged Session Management and associated policies.
- Create and manage Platforms, Policies and Safes for privileged IDs.
- Responsible for privileged user account administration for various platforms including Windows, UNIX, LDAP and databases.
- Manage service accounts, non-production accounts and test accounts within the vaults.
- Develop and maintain documentation for security systems and procedures.
- Reporting and metrics.
Primary Location: India-Telangana-Hyderabad
Job Posting: Mar 13, 2023
Experience Required (In Years): Minimum 5, Maximum 10