Security Consultant – Splunk , SIEM
JD:
Splunk (with 6 to 8 years of experience); U4 resource required at Pune Hinjewadi location.
A Security Consultant is a member of the Incident Response team, monitoring device alerts and performing correlation analysis with Splunk SIEM on a real-time basis. When a suspicious symptom is detected through real-time monitoring or fixed-point observation:
- Hands-on experience providing operational SOC support, performing L2/L3 level analysis of logged SOC alerts in the SIEM tool (Splunk).
- Experience with SIEM (Splunk) setup and implementation on different platforms such as Linux, Windows and Cloud.
- Administration and support; use case development/enhancement; log source administration/monitoring; content development; correlation rule creation/modification/review.
- Supports the development of cyber crisis management playbooks, run books and plans to ensure effective response during a significant event.
- The SOC L2/L3 Analyst will be involved in the incident response program, which aligns with the enterprise incident management framework and includes incident detection, analysis, containment, eradication, recovery and the forensic artifacts required for additional investigations.
- Hands-on experience finding and responding to advanced persistent threats (APT) in a global network setting. Change agent with the ability to drive accountability and outcomes across a diverse threat landscape.
- Ensure delivery compliance to the SOW and service level adherence. Implement a standardized service delivery framework across multiple accounts. Essential technology skills: Security Operations Center (SOC), SIEM (Splunk).
- Experience with SOC incident response and management, including 24x7x365 continuous monitoring, detection and analysis of potential intrusions in real time. Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits.
- Experience with attacks and mitigation methods, with experience working in two or more of the following: network protocols and secure network design; operating system internals and hardening (e.g. Windows, Linux, iOS, Android); web application and browser security; security assessments and penetration testing.
Roles & Responsibilities:
- Minimum Experience Required: 6-8 YEARS
- Mandatory Skills: SIEM - Security Information Event Management Administration / Implementation (Splunk).
Must have advanced skills or knowledge in some of the following:
- TCP/IP Networking Configuration & Troubleshooting.
- Experience with security tools such as Antivirus, Firewalls, IPS, WAF, Proxy, APT, PKI
- Router & Access Control Device Configuration & Troubleshooting
- Unix / Linux Operating System Configuration & Troubleshooting
- Provides reporting/alert capability for Active Directory activity
- Any relevant IT or security certifications including CISSP, CISM, CRISC, CEH or SANS certs are expected
- APT & SOAR (e.g. Demisto) implementation.
Years of experience: 4+ years
Job location: Pune