It Security Operations

We are having an excellent opportunity for IT Security operations-

Location- Navi Mumbai (Ghansoli)

Role & responsibilities

• Responsible for implementing and managing the SIEM tool (Rapid 7)
• Responsible for L2 activities for Security Incidents as part of SOC
• Adding all new servers, network equipment, security tools, cloud workloads to the SIEM for incident management and monitoring
• Triaging, investigating and management of ongoing Security Incidents which come as escalations from L1 team, and oversees the SOC monitoring capabilities and reporting of security related events.
• Support in the creation of operational documents such as- use cases, play/run books and training materials for incident response, and ensures regular updating of these documents.
• Support in the creation of various metrics, reporting, review of incident progress to Operations Manager
• Communicate potential threats, suspicious/anomalous activity, malware, etc., to the Security SOC provider, and be a point of contact for JOHN COCKERILL Cybersecurity issues
• Continuously improve processes for use across multiple detection sets for more efficient operations
• Should be responsible for Cybersecurity incident management and own the Incident under resolution
• Provide remediation advice and assist incident response team in security incident response activities, escalate if required
• Should be adoptable to work with multi-vendor organization
• Working across different cultures and organizations

Education & Experience

• Bachelor of Engineering.
• Overall 5+ Years in System Infrastructure with 3+ Years in Security Operations

Background, Skills and Competencies

Soft skills:

• Excellent problem-solving skills
• Good oral and written communication skills
• Customer and service oriented
• Team player, sharing information spontaneously
• Pragmatic and solution-oriented Organized and rigorous
• Available and flexible
• Autonomous, self-taught, responsible.

Technical skills:

• Rapid 7/Arcsight/Splunk/IBM QRadar tool administration, configuration and report writing skills are mandatory (any one tool)
• Certifications in Cybersecurity like COMPTIA+, CISSP or other specialized security certifications would be added advantage, cybersecurity fundamental concepts
• Minimum 5 years of relevant experience in managing large Windows server based platforms
• Very good knowledge of Windows operating systems and working knowledge of Microsoft Active Directory, ADFS, Exchange, IIS, SCCM
• Knowledge of Powershell scripts for the automation and management of Windows infrastructure
• Knowledge of Office365 and Azure
• Knowledge of network switching: TCP/IP, subnetwork calculations, VLAN concepts,firewall, NAT
• Installation of active devices in data center
• Good knowledge of MITRE attack
• Mandatory experience in pen test tools (PenTera, Kali Linux)
• Should possess in-depth knowledge on Network Security, Endpoint security etc
• Mandatory experience in working with Microsoft security landscape, e.g. Microsoft defender ATP, Microsoft cloud App security, Office ATP, Azure AD identity protection, Azure Security center, Azure sentinel.
• Should be having knowledge on ITIL Process

If interested kindly share your updated CV on trupti.palkar@johncockerill.com