I

SOC/SIEM Experts

Infosys · State of Karnataka, India

3–10 yrs experiencePosted 2w ago
Apply now →

Job description

## **Key Responsibilities:** - At least experience in Information Security operations management with hand on experience in large security operations center using IBM QRadar Splunk ArcSight or similar SIEM tool - Manage network endpoints and forensics initiatives malware triage and cyber security incident response - Managing Cyber Security Services engagements and engagement teams - Recognizing common attacker tools tactics and procedures - Providing oversight for on site examinations and collections and technology advisory services to enhance forensic client engagements - Researching and developing new digital forensics scripts tools and methodologies - Assessing and troubleshooting a variety of technical issues and support a cyber response lab on our clients SIEM tool and UEBA platform - Assist in conducting peer reviews and providing quality assurance reviews for junior personnel and will support the mentoring of junior incident - managers and provide guidance to others on incident management prioritization triage and report writing in support of onsite engagements - Guiding the team to Monitor identify and investigate the security alerts and perform incident response activities related to cybersecurity incidents - Creates new trouble tickets for alerts that signal an incident and require Tier 2 Incident Response review - Respond to cybersecurity incidents conduct threat analysis as directed and address detected incidents for resolution - Should be able do multitasking to coordinate incident with Sr analyst and escalation manager - Recommend enhancements to SOC security process Operations efficiencies - Create Incident response IR plan IR play books manage all incidents and crisis situations - Log Analysis handle resolve security incidents - Collaborate with respective tracks technical team for remediation of the incident - Periodical review of incident response plan and procedures - Recommend and document specific countermeasures and mitigating controls - Develop comprehensive and accurate reports and presentations for both technical and executive audiences ## **Preferred Skills:** Data Security->Public Key Infrastructure(PKI),Devops->Google Cloud Ptatform (GCP),IDAM->CA Siteminder(CA Identity Suite),IDAM->IBM Security Identity manager(ISIM),Infrastructure Security->Malware Analysis,Infrastructure Security->Symantec Endpoint(SEP),Network Security->Firewalls->Checkpoint,Network Security->Firewalls->Juniper-Firewalls,Network Security->Firewalls->Palo Alto,Network Security->Firewalls->Web Application Firewall(WAF),Security Incident and Event Management(SIEM)->Arcsight,Security Incident and Event Management(SIEM)->Logrythm,Security Incident and Event Management(SIEM)->QRadar,Security Incident and Event Management(SIEM)->RSA Envision,Security testing->Cloud Security,SOC,SOC->Security Monitoring,SOC->Security Operations Center(SOC/SIEM),Tools->Service Now->ServiceNow-Security,Tools->Splunk