Associate Manager - Navi Mumbai, India - Crosstab

    Crosstab Navi Mumbai, India

    2 weeks ago

    Full time
    Description

    Experience/ Qualifications

    1-4 years of working experience in a security operations centre.

    Strong knowledge of incident management and change management best practices.

    A high-level understanding of multi-tiered applications, load balancing and firewalls.

    Hands-on experience in any of the following is desirable: network security, intrusion prevention systems, security information and event management (SIEM), integrating servers/devices/applications with SIEM, or correlation rule creation.

    Knowledge of WAF, PIM, DAM and vulnerability assessments would be an added advantage.

    Awareness of threat intelligence feeds utilized to publish security advisories from various external intelligence parties is desirable.

    Responsibilities

    Incident Management for Security Operations Center.

    Review alerts raised by the SIEM, analyze the events and classify them.

    Ensure tickets are logged in the IT ticketing system.

    Follow up on closure of the tickets with the relevant stakeholders.

    Report on exceptions and highlight delays in incident closure.

    Assist in developing the SOC vision, aligning it to the business, and building a roadmap to achieve it. Publish security advisories obtained from third-party intelligence sources.

    Maintain an inventory of use cases in production in liaison with the SIEM administration team.

    Ensure that all servers, key applications, networking devices, security devices are integrated to SOC.

    Ensure that all attacks on RBI information system are detected and managed.

    Willing to work in a 24/7 operation.