Job Description

The candidate in this role will be responsible for leading security operations across various security technologies, including Endpoint Security, Network Security, Web Proxy, Privileged Access Management, Single Sign-On, SIEM, SOC, Vulnerability Management, etc. In this role, the candidate will act as a trusted advisor, applying consulting methodologies and industry knowledge to drive transformation and provide value to the client. These engagements encompass the full end-to-end cycle, from initial client engagement, through assessments and road-mapping, to longer-term engagement in an advisory capacity.
 
Key Responsibilities
  1. Lead and manage security operations across various security domains and technologies
  2. Be the focal point for all interactions with clients and other related stakeholders
  3. Ensure security incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring
  4. Effectively aid in incident management activities by working with SOC and other incident response teams
  5. Work with the client to understand the business requirements and translate them into Security requirements
  6. Work with other security teams/individuals to deploy security solutions, plans, policies, and procedures
  7. Own the security process and procedure for the deployed security technologies
  8. Perform continuous improvement by identifying challenges in deployed solutions and troubleshoot by working with various other IT teams
  9. Identify and report on metrics to ensure efficient use of security services
  10. Work with SOC team to configure use cases for proactive detection of security incidents across deployed technologies
  11. Create and present reports to client stakeholders on periodic basis
 
Must Have
  1. College Degree in Computer Science or equivalent with 7+ years of dedicated experience in security with at least 2 years in a similar role.
  2. Hands-on experience in at least one of the following technologies:
    • WebProxy – Symantec, ZScaler
    • AntiMalware – Symantec, Microsoft Endpoint Protection
    • Endpoint Detection and Response – Symantec ATP, Microsoft EDR
    • Vulnerability Management – Qualys, Nexpose
  3. Knowledge of log management and integration with SIEM/SOC
  4. Knowledge in integration with Two Factor Authentication and Single Sign On solutions

Nice to Have
  1. Experience in design, deployment and management of security and technologies in any public cloud – AWS, Azure, IBM Cloud, etc.
  2. Certifications
    a. CompTIA Security+
    b. CEH
    c. CISSP
    d. CISM
    e. Public Cloud - AWS/Azure/IBM Cloud

Key Skills Required

  • Networking
  • Unix

Designation

  • SIEM Admin and Correlations Engineer