Information Security Engineer Level II
at Network Security Solutions India Ltd in Chennai (Published at 01-05-2011)
Network Security Solutions India Ltd. is looking for an Information Security Engineer based in Chennai.
Position: Information Security Engineer Level II
Job Location: Chennai
Openings: 10
Qualifications:
· 3-5 years' experience in the computer industry, with a focus on networks and Microsoft Windows.
· 1-2 years' experience in information security and incident response, with the ability to find and remediate malware in a Windows environment.
· Working knowledge of IEEE 802.3 and 802.11 computer networking and Cisco/Juniper IOS and management platforms.
· MCSE and demonstrated command of the Microsoft Windows environment.
· Scripting in .vbs, .bat, Unix shell and Perl.
Main skills looked for are:
Experience in Malware Analysis
IDS Analysis and Monitoring
Windows and Unix operating system knowledge
Incident Handling
Scope of Work
The Information Security Engineer would be expected to work in the following areas:
Security Monitoring:
· Provide Information Security Operations Center (iSOC) support on a 24x7x365 basis by shift work with rotation.
· Monitor multiple security alert sources, identify and triage significant security events, determine impact and threat severity, escalate according to established procedures, and open trouble tickets using the OIS Case Management System.
· Review automated daily security reports of key security controls, escalate critical security events to the appropriate stakeholders and follow up as required.
Incident Response:
· Conduct thorough investigative actions based on security events and remediate as dictated by standard operating procedures.
· Participate in all the phases of the OIS incident response process, including detection, containment, eradication, and post-incident reporting.
Security Engineering:
· Participate in vulnerability scanning review and remediation by monitoring completion of vulnerability scans and taking the appropriate actions to correct operational problems with the scheduled scans. Follow up with the appropriate IT teams on critical vulnerabilities and remediation status.
Monitoring Responsibilities:
1. Monitor the ArcSight security console for security alerts, triage, and establish threat levels based on asset classification and data classification. Create trouble tickets in Case Management System.
2. Monitor OIS mail service accounts (abuse, OIS general, eServices, etc.) for security events, triage, and establish threat levels based on asset classification and data classification. Create trouble tickets in Case Management System.
3. Respond to phone calls from Network Operations Center and Global Support Center, determine severity of event, assign, and/or escalate to the appropriate OIS staff based on established procedures.
4. Review daily ArcSight Very Critical & Critical alerts reports, escalate and follow up with the appropriate stakeholders. Analyze and confirm lower level alerts with group technical staff. Open trouble tickets in Case Management System.
5. Monitor Honeypot database and NetFlow reports, triage, and create trouble tickets in Case Management System.
6. Monitor corporate anti-virus infrastructure security alerts and reports. Create trouble tickets as required in Case Management System.
IR Responsibilities:
1. As assigned by the Case Management System, perform investigations of the group's corporate systems, desktops and network using standard operating procedures and methods, looking for indications of attack and/or compromise as indicated from alerting infrastructure.
2. Confirm threat classification of case assignments, escalate according to standard operating procedures.
3. Submit security-related change requests for actions needed to remediate security events. Escalate as needed to NOC/On-call personnel.
4. As assigned by the Case Management System, remediate desktop malware, communicating with respective IT Staff/OIS as needed.
5. Where appropriate, submit malware from investigative work to anti-virus vendor for new anti-virus signatures, and follow up with vendor.
6. Provide details of investigations in Case Management Systems.
7. Provide daily updates of assigned and outstanding IR cases.
8. Acquire forensic images as requested by OIS.
9. Provide feedback in the enhancement of forensic gathering process capabilities and analysis.
10. Provide ongoing analysis and review for indications of attacks, including Forensic Incident Response, Triage and Repair in coordination with OIS Incident Response Team.
Note: Applications have been closed
