Job Description
Role: SOC Security Monitoring and ing (T2)
Location: Bangalore
Who are we looking for
This is an advanced-level position that will support Mphasis SOC/Managed Security Services. The role requires continuously monitoring cyber security events, performing triage, and providing response/remediation activities.
Technical Skills:
Experience with SIEM monitoring solutions [Azure Sentinel (primary); Splunk, QRadar, ArcSight (secondary)] and a variety of other security devices found in a SOC environment
Should have good knowledge of firewalls, IDS/IPS, AV/EDR, proxy, DNS, email, AD, etc.
Good understanding of log formats of various security devices like Proxy, Firewall, IDS/IPS, DNS
Solid foundational understanding of networking concepts (TCP/IP, LAN/WAN, Internet, network topologies)
Experience in major operating systems (Windows, Linux)
Understanding of current trends in attacker and threat actor tools, techniques, and procedures (TTP) and mitigation steps
Strong analytical and problem-solving skills
Excellent communication and interpersonal skills
Process Skills:
Analyze cyber security events escalated by level 1 security analysts and act as the escalation point for detection, response, and remediation activities
Triage cyber security events, prioritize them, and recommend/perform the response measures
Provide technical support for various IT teams in response and remediation activities
Escalate the events/incidents to L3 analysts and stakeholders
Undertake ownership of security incident tickets and follow up till closure
Provide guidance for L1 analysts in analyzing events and response activities
Coordinate with various teams on cyber incident response and remediation-related activities
Ensure adherence to information security policies and best practices in client environments.
Provide effective communication to all stakeholders to meet SLAs and contractual requirements
Prepare daily/weekly/monthly dashboard reports and share with relevant stakeholders
Document/update playbooks and other operational procedures
Maintain knowledge about client systems and IT infrastructure and update relevant documentation
Continuously learn and keep abreast of the latest trends in attack patterns and tools
Qualification:
4-8 years of experience in the area of Systems/Network/Information Security is required. Minimum 1-2 years in Azure Sentinel is preferred
Azure MS500 certified or Azure Sentinel Foundational experience
Professional/Technical Certifications (CEH, Security+, CCSE, CCSP, TICSA, MCSE, CCNA, etc.) desirable
What’s in it for you
At Mphasis, we promise you the perfect opportunity to build technical excellence, understand business performance and nuances, stay abreast of the latest happenings in the technology world, and enjoy a satisfying work-life balance.
With the current opportunity, you will get to work with a team that has consistently been setting benchmarks for other deliveries in terms of delivering high CSATs, completing projects on time, and being one of the best teams to work for in the organization.
You get an open and transparent culture along with freedom for experimentation and innovation
About the practice/ Project:
The position is for Cyber Defense practice, responsible for growth related initiatives. The practice is enriched and heavily invested in pursuing Cyber services globally.
Who are we
Mphasis is a leading IT solutions provider, offering Applications, Business Process Outsourcing (BPO) and Infrastructure services globally through a combination of technology knowhow, domain and process expertise. Over the years we have left an indelible impression in the IT solutions domain with an impressive clientele and an extensive global presence. The accolades we have been garnering can be attributed to our undeterred focus in delivering quality solutions across verticals that meet the challenging requirements of our esteemed customers. Our integrated solutions offering is aimed at creating value for our customers, helping them in improving their business processes with minimum hassles and capital outlays.