DM | Security Information and Event Management (SIEM) | Mumbai | D&R

Mumbai, IN

Deloitte

Insights into our services in Audit, Consulting, Financial Advisory, Risk Advisory and Tax, as well as our numerous industries.


Minimum of 6-10 years' experience managing large Security Operations Center projects

  • Responsible for SLA adherence for all tickets and deliverables in the project
  • Advise on and track remediation of issues found during an incident or vulnerability investigation that must be resolved to conclude the security investigation
  • Responsible for validating and analysing investigations performed by L1/L2 within the Security Operations Center (SOC)
  • Good understanding of SOC concepts and log review from various sources such as IBM QRadar SIEM, Palo Alto and SOAR
  • Responsible for completing the investigation documentation; determine the validity and priority of the activity, carry out Level 3 triage of incoming issues and escalate to L4 if needed
  • Create and maintain SOPs and run books
  • Provide communication and escalation support to L1/L2 throughout the incident per the SOC guidelines
  • Ensure that all security events and incidents (internal / external) are logged in ServiceNow, regularly updated and closed within the set SLAs
  • Strong technical understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS / TLS and SMTP
  • Knowledgeable in the fundamentals of firewalls, IDS/IPS, EPP/EDR, FIM, WAF, VPN and other protective/detective security controls
  • Knowledge of email security threats and security controls, including experience analysing email headers
  • Experience analysing network traffic using tools such as Wireshark to investigate either security issues or complex operational issues
  • Familiarity with core concepts of security incident response, e.g. the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.
  • Must be able to map security incidents to the MITRE ATT&CK framework or the cyber kill chain
  • Consulting experience in creating threat-based use cases will be an added advantage
  • Will act as shift lead for the L1/L2 teams
  • Must produce bi-weekly governance reports on SOC operations for senior management


Tags: Business Intelligence Cyber Kill Chain DNS EDR Firewalls Governance IDS Incident response IPS MITRE ATT&CK QRadar SIEM SLAs SMTP SOAR SOC TLS VPN Vulnerabilities

Region: Asia/Pacific
Country: India
