Job Description
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and the transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full-time education
Summary: The Senior Security Analyst will ensure the daily operations of monitoring and review within an information security environment.
Roles & Responsibilities:
- Analyze potential infrastructure security incidents using Sentinel and/or Splunk to determine whether an incident qualifies as a legitimate security breach.
- Perform network incident investigations, determining the cause of the security incident and preserving evidence for potential legal action.
- Interface with technical personnel and other teams as required.
- Produce security incident reports and briefings to be distributed to the team lead and manager.
- Configure and manage Infrastructure Security and SIEM solutions.
- Design, develop and create correlation rules within the Security Information and Event Management (SIEM) platform.
- Monitor devices and correlation tools for potential threats.
- Initiate the escalation procedure to counteract potential threats/vulnerabilities.
- Appropriately inform and advise management on incidents and incident prevention.
- Implement continuous improvement measures on a daily basis.
- Identify, assess, and resolve complex issues/problems within own area of responsibility.
- Provide incident remediation and prevention documentation.
- Document and conform to processes related to security monitoring.
- Participate in knowledge sharing with other analysts and develop solutions efficiently.
- Coordinate or participate in individual or team projects.
- Write technical articles for the internal knowledge base.
- Provide performance metrics as necessary.
- Develop and optimize technical processes and coordinate procedure documentation.
Professional & Technical Skills:
- At least 5+ years of experience in Information Security, Risk Management, Infrastructure Security and Compliance.
- Good understanding of Security Information and Event Management concepts and hands-on experience with Sentinel and/or Splunk.
- Work experience in virtual, AWS and Azure environments.
- Previous Sentinel and/or Splunk administration or development experience.
- Installation, configuration and troubleshooting of security devices (e.g., firewall, IDS, etc.).
- Basic level of expertise in UNIX, Linux, and Windows operating systems.
- Complete understanding of TCP/IP, HTTP, HTTPS, SSL and related protocols.
- Hands-on experience with port scanning and vulnerability scanning techniques.
- Exploit and detection analysis skills, including the ability to analyze logs for useful information and patterns.
- Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring.
- Good understanding of and experience with Infrastructure Security, Risk Assessment and Security Information and Event Management.
- Good understanding of frameworks such as ISO 27001/27002 and COBIT, and of other relevant compliance regimes such as PCI, HIPAA, SOX, FISMA, and others that are required for Security Information and Event Management.
Additional Information:
- Experience working in a diversified, virtual environment.
- Administrative tool development and maintenance.
- Desirable to have certifications such as CISSP, ITIL, CISA, CISM, GIAC GCIA and GCIH.
- A 15-year full-time education is required.
- Bachelor's or higher degree in Computer Science, Information Technology, MIS, or Engineering.
Qualification: 15 years full-time education