Security Operations Engineer - Chennai, India - Insight Global

    Default job background
    Technology / Internet
    Description

    Must Have Requirements:

    5-7+ years of information technology experience including security and compliance

    3+ years cyber security experience

    2 years of Splunk experience

    Fluent with Wireshark

    Experience analyzing cloud traffic and logs

    Day-to-Day:

    This position is responsible for security alert monitoring and remediation for all security products and customers supported out of the Security Operations Center. This operational position requires the engineer to be responsible for the surveillance and control of Security Operations Center monitoring system. Responsibilities will include but not be limited to responding to any auto-generated alarm incidents ensuring the integrity of customer network, computer, and end user environments, In addition this position will be responsible for handling any triggering incidents or service requests based on customer emails to shared inboxes, Service Desk tickets, and/or Call Records, handling escalations from the Level 2 engineers, handling Level 3 incident troubleshooting, handling customer engagement via customer defined processes and protocols. Transitioning incident and service request support to Security Operations Leads and L4 engineers or higher and/or Customer Engineering Teams. The support provided must be conducted in a manner that meets and/or exceeds agreed upon Service Level Agreements (SLAs) defined within customers statements of work and corporate T-Cs, that is procedurally compliant, and that ensures data integrity and detailed recording of information in tickets.

    The position supports customer security strategy and objectives by day to day security monitoring. It provides services to mitigate cyber risks to protect customer information, systems, products, facilities, and assets. This position is a shift based position and will have well defined working hours.

    This position will handle both Tier 2 and Tier 3 alerts as needed, including escalation from the Tier 1 &2 engineers.

    Essential Functions:

    • (40%) Security Operations -- Monitor security alerts and events and follow playbooks to respond to and escalate security incidents.
    • (30%) Security Escalations -- Assist Tier 1 & 2 team in responding to more severe security alerts.
    • (10%) Technical Training -- A SOC expert – L3 is expected to keep up to date on the latest security trends and technologies. Time will be available for continued training.
    • (20%) Security Implementation -- This could include the following: documenting procedures, Administer security applications, system and/or security reviews, vulnerability scans, system patching, and other security related tasks.

    **100% in office environment (5x a week or 3x a week - 12 hour shifts)**