Introduction
Information and Data are some of the most important organizational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world
Your Role and Responsibilities
As a Security Operations Lead you will closely with the Security Managers, Leadership and other Enterprise IT teams and be the bridge between the various departments.
- Strong Technical Knowledge and Experience in Perimeter Security management, audit and reporting.
- Act as the subject matter expert and System Lead for Perimeter security tools like WAF (Imperva Securesphere, F5), DDOS (Arbor APS), NIPS(Tippingpoint), Deception (Smokescreen), SSLO (F5)
- Good Experience in Administration of Technologies like Endpoint Security, Anti-APT Solutions Endpoint/EDR, Network, Email (FireEye HX, EX, NX, MVX), WAF (Imperva Securesphere), Smokescreen, DDOS (Arbor APS), NIPS(Tippingpoint) & F5 SSLO & WAF Solution and should be Certified in at least 3 Products
- SIEM Event Analysis and manual Co-relation of Events to narrow down the analysis to Threat Vector.
- Coordinate and work along with Threat Intel, Incident Response Team and SOC Analysts
- Service Delivery and Operations Support
- Participate in defining and refining security baselines for our systems.
- Interact with vendors, researchers, and other 3rd parties to collaborate on security issues or processes.
- Work with the Team Manager to develop and maintain security Key Performance Indicators.
- Responsible for tuning various security tools & technologies already in place.
- Review the SOPs & technical runbooks & also create new SOP documents/runbooks for innovative technologies/process.
- Signature Definitions SLA Maintenance
- Support required 24x7 as and when need arises to cater client needs
- Exploring new features in all tools and sharing the data with trend analysis
- Complete O&M for all Perimeter Security Tools includes troubleshooting, RMA, upgradation, etc
- Maintain 100% compliance of all Landmine Agents as per the inventory list of customer
- Perform VA tasks when required
- Automation - Should think of automating tasks to reduce load on daily BAU activities.
- Work closely with the Security Managers, Leadership and other Enterprise IT teams and be the bridge between the various departments.
- Strong Technical Knowledge and Experience in Data Loss Prevention, Data Classification Tool
- Act as the subject matter expert and system lead for Data Security.
- Good Experience in Administration of Technologies/Products mentioned below
- 1) Data Loss Prevention (Symantec / Forcepoint)
- 2) Data Classification Tool (Titus)
- SIEM Event Analysis and manual Co-relation of Events to narrow down the analysis to Threat Vector.
- Coordinate and work along with Threat Intel, Incident Response Team and SOC Analysts
- Service Delivery and Operations Support
- Participate in defining and refining security baselines for our systems.
- Interact with vendors, researchers, and other 3rd parties to collaborate on security issues or processes.
- Work with the Team Manager to develop and maintain security Key Performance Indicators.
- Troubleshoot Endpoint security agent (DLP/DCT) software issues.
- Responsible for tuning various security tools & technologies already in place.
- Review the SOPs & technical runbooks & also create new SOP documents/runbooks for innovative technologies/process
Want more jobs like this?
Get jobs in Pune, India delivered to your inbox every week.
Required Technical and Professional Expertise
- 12+ Years of Overall Experience in SOC / Security tools Operation domain
- Experience/Knowledge in Database Activity Monitoring is plus
- Hands-on experience with security tools and devices, operating systems, and/or networking devices desired.
- Proven skills and experience in log analysis, incident investigations - including guidance for remediation
- Experience working across diverse teams to facilitate solutions
- Experience working with Security practitioners
Preferred Technical and Professional Expertise
Demonstrates proven expertise and success in incident handling, triage of events, network analysis and threat detection, trend analysis.
Should have the following skills:
- Deep understanding of computer intrusion activities, incident response techniques, tools, and procedures
- Strong knowledge of Windows, Linux operating systems.
- Analytical and problem solving skills
- Thorough knowledge of digital forensics methodology as well as security architecture, system administration, and networking.
- Excellent organization, time management, and attention to detail
- Must be action oriented and have a proactive approach to solving issues.
- Advanced IT (Operating systems, networking, databases) and IT security knowledge (system and network security) including IT security tools.
- Experience working with security tools (i.e., Wireshark, Qradar etc.)
- Use tools and knowledge to perform hunt activities to search for indicators of compromise in the environment.
- Good knowledge of office collaboration tools