$45000 - $56000 Year
Monday to Friday
Day shift
Health insurance
Paid time off
Employee discount
Dental insurance
Vision insurance
401(k)
401(k) matching
Flexible schedule
Parental Leave
Tuition reimbursement
Flexible spending account
Retirement plan
Others
•Sound in SIEM ELK Administration / Development.
•Event logging and event analysis and experience in forensic analysis, Packet Analysis tools like Wireshark/NMAP, TCP Dump etc. Good knowledge in enterprise security products like SIEM tools, SOC, Security Incident Management, Threat Intel, Malware analysis, Firewalls, IPS, Web/content Filtering tools, AV, APT Tools, Wireshark, TCP Dump, Encase/Any other Forensic tool kit, Conduct and lead large complex investigations and Digital Forensics, threat hunting campaigns, knowledge of Vulnerability assessment and penetration testing.
•Good understanding of Diverse Telecom and Infrastructure technology 5G, 4G, Fixed line, Windows, Unix, Security tools technology, SOC operation, Incident Life cycle, NIST framework
•Provide feedback and suggestions on improving the analysis and rules used for user behavior analysis
•Proficient in creating SIEM use-cases, correlation rules and baselines to monitor Malicious activity, IOCs, and anomalies
•Elasticsearch, Logstash, Kibana stack, System Administration
•Configuring, administrator, and maintaining the Elasticsearch cluster environments.
•Elasticsearch-related activities such as monitoring, upgrades, patching, security, troubleshooting, issue resolution, backup procedures, writing queries, and performance tuning
•Ability to create operations documentation for maintaining the ELK infrastructure.
•Create, customize, and manage dashboards / reports.
•Integration of API/application such as Service now/Remedy
•Hands on experience Elasticsearch, Logstash, Kibana stack, System Administration
•Should have good knowledge in firewalls, ID/IPS, AV/EDR, Proxy, DNS, email, AD, etc.
•Good understanding in Log formats of various security devices like Proxy, Firewall, IDS/IPS DNS,
•NAS storage management and managing as per compliance
•Operational Duties as assigned
Soft Skills
•Excellent communicator and technical writing skills, able to engage and effectively respond to diverse stakeholders. Good in interpersonal skills, capable to interact with people at all levels
•Action-oriented and results driven with strong time-management skills
•Flexible attitude, reliable, problem-solving, team player and analytical skills
•Excellent interpersonal skills, capable to interact with people at all levels
REQUIRED SKILLS
Soft Skills
Excellent communicator and technical writing skills, able to engage and effectively respond to diverse stakeholders. Good in interpersonal skills, capable to interact with people at all levels
Action-oriented and results driven with strong time-management skills
Flexible attitude, reliable, problem-solving, team player and analytical skills
Excellent interpersonal skills, capable to interact with people at all levels
Certification &Experience
Min 8 years in cyber security operations, 24 X7 Telecom/IT SOC having hands on experience in Incident response, Investigation in a large telecom/ Enterprise IT Environment.
BTech (CS/IT/ECE), Bachelor's degree Technical, or equivalent work experience
CISSP, Any SIEM and EDR(ELK/Splunk/CrowdStrike) certification preferred
Good understanding of CIS Benchmarking, NIST CSF, Mitre Attack Framework, Cyber Kill chain
Communication
Leadership
Teamwork
Interpersonal
Learning/adaptability
Self-management
Organizational
Computer
Problem solving
Open mindedness
Strong work ethic
technology
Others
8 years
Service industry
On going position
Remote