T&T | Cyber:D&R | SIEM | Consultant | Hyderabad

Hyderabad, IN

Deloitte

Insights into our services in Audit, Consulting, Financial Advisory, Risk Advisory and Tax, as well as the many industries we serve.


• 3-5 years of experience in 24x7 (rotating shifts) monitoring at a Security Operations centre

• Hands-on experience in security tools such as IBM QRadar, FireEye Anti-APT solution

• Review and triage information security alerts worked by L1, provide analysis, determine and track remediation, and escalate as appropriate

• Desirable to have experience of SOC monitoring and triage using SOAR

• Knowledge of XDR can be an added advantage

• Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.

• Fundamental understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc.

• Reviews the most recent SIEM alerts to assess their relevance and urgency; carries out triage to confirm that a genuine security incident is occurring; oversees and configures security monitoring tools

• Informs the L3 team of proactive and reactive actions to minimize false positives

• Maintain, manage, improve and update security incident process and protocol documentation (Run Book)

• Strong understanding of Windows event log analysis

• Acts as Security Incident Handler for high-impact cyber security incidents and advanced attacks in accordance with Cyber Kill Chain methodology and incident response process.

• Conducts malware analysis and identification of Indicators of Compromise (IOCs) to evaluate incident scope and associated impact.

• Enhances workflow and processes driving incident response and mitigation efforts

• Practical understanding of exploits, vulnerabilities, computer network intrusions, adversary tactics, exfiltration techniques and common knowledge

• Demonstrate proficiency in the Incident Response Process as well as the performance of threat hunting and SOC operations.

• Log analysis across disparate log sources, prioritize and differentiate between potential intrusion attempts and false alarms

• Sound understanding of different attack frameworks such as the Cyber Kill Chain and MITRE ATT&CK, and the ability to utilize them for incident response and reporting

Category: Consulting Jobs

Tags: APT Cyber Kill Chain Exploits Incident response Log analysis Malware Monitoring QRadar Risk management SIEM SOAR SOC TCP/IP Vulnerabilities Windows XDR

Region: Asia/Pacific
Country: India
