Security Analyst for SOC
at Network Security Solutions (I) Ltd in Mumbai (Published at 19-10-2011)
Mumbai, Vikhroli
Expectations from the candidate
At least 4 to 6 years of core Security experience.
Security Services & Control
Manage security tools & implement any agreed changes to security tools, software, computing assets and processes which support the prevention of security exposure in the Equipment, Software under the guidance of client Information Security.
SIEM tool Management and reporting
Knowledge of cryptographic tools & methodologies
Security Incident Management and Reporting
Worked in a SOC environment using SIEM tools
Prepare and coordinate risk assessments for proposed changes to the Equipment, Software and related Services in the SOC environment.
Support security incident response processes in the event of a security breach by providing logging and audit information and by providing incident reporting.
Implement and manage a security incident management process according to the Security Policy.
Coordinate notification of security incident occurrence with client.
Provide periodic trending problem reports. Create and maintain a Security Incident log that is also provided to client Information Security to facilitate historical analysis.
Assist investigators of security incidents involving the client Sites and other locations, document findings, and coordinate resolution.
Understanding of Active Directory infrastructure
Participates in Change Management, Problem Management & Configuration Management
Understanding of malware, antivirus & antispam solutions
Vulnerability Management
Vulnerability Scanning & report analysis
Identification of false positives
Understand & share remediation strategies when required (application of remediation patches is out of scope)
Monitoring
Monitor logs and security events across network infrastructure. Log, monitor, investigate, and report on access violations.
Provide log analysis that gives views of misuse, fraudulent or malicious activities.
Provide alerts and reports appropriately.
Capacity Management
Performance monitoring & threshold management
Patch Management
Understanding of patch management process and tools; evaluate the release patch/recommended solution by tools.
Liaise with client Infrastructure teams for patch deployment.
Coordinate with vendor for patch validation.
Technical Skills
• Knowledge of Active Directory and patch management (Microsoft system interface)
• SIEM tools (ArcSight, netForensics, etc.)
• Thorough knowledge of TCP/IP and file transfer protocols
• Knowledge of IDS/IPS, firewall monitoring and changes to the rule base.
• Fair knowledge of antimalware and antispam tools and vulnerability management
• Log reviews and security forensic reviews
• Access review of accounts to support audit requirements.
• Review security device logs to analyze network traffic for suspicious/malicious activity
• Access Control Management
• Knowledge of offensive security tactics and tools
• Knowledge of cryptographic tools & methodologies
• Certifications like CCNA, MCSE, MCP or CEH would be an advantage.
• Experience with working in Windows as well as Unix/Linux environments
People Skills
• Willingness to work on a 24/7 rotating shift basis
• Effective communication skills in both verbal and written English
• Ability to adhere to strict quality, service levels and change management process
• Demonstrated initiative to stay abreast of technology advancements
• Security certification such as CISSP or any other equivalent is desirable
Note: Applications have been closed
