8 - 13 years
18 - 33 Lacs
Posted: 3 months ago
Work from Office
Full Time
Hope you are doing good! Excellent opportunity with LKQ India (Fortune 500 Company & Nasdaq Listed) at Bangalore location.

Experience: 7 to 15 Years
Work Location: Bannerghatta Rd, Bangalore
Role: Permanent

Job Description:

- Configure and administer the Splunk SIEM (Security Incident and Event Management) tool.
- Administer Email Gateway technologies (Microsoft Defender / Abnormal Security).
- Zscaler proxy log analysis and leverage for investigation.
- CrowdStrike Endpoint detection and response platform and policy management.
- Analyze and assess security incidents and escalate to appropriate internal teams for additional assistance.
- Responsible for investigating incidents, analyzing attack methods, researching new defense techniques and tools, developing security policy, and documenting procedures for SOC.
- Malware analysis and other attack analysis to extract indicators of compromise.
- Perform data security event correlation between various systems.
- Prepare reports, summaries, and other forms of communication that may be both internal and client facing.
- Periodic upgrade/creation of correlation rules based on emerging threats and requirements, following MITRE ATT&CK, US-CERT and other TTP sources.
- Lead Information Security Analyst with 4+ years of experience in incident management, log analysis and troubleshooting of network and security related issues.
- Comprehensive management and technical experience in building and leading a large-scale SOC (Security Operations Center).
- Strong hands-on experience in security management tools like Splunk Security Incident and Event Management (SIEM).
- Good experience in working/communicating with cross-functional IT infrastructure teams like network, system, database, application and security to build and manage effective security operations.
- Building a Security Operations Center and/or Incident Response Team from scratch.
- Implementing and building content in technologies like SIEM, SOAR and Cloud Security Solutions.
- Building security metrics that will help customers/management understand the effectiveness of and gaps in Incident Management and the overall cyber security posture.
- Working with customers on requirement gathering, on-boarding, technical discussions and report walk-throughs.
- Working alongside teams like Compliance and VAPT.
- Exposure to related areas of cybersecurity including Host Security, Network Security, IAM, Vulnerability Management, Penetration Testing, Compliance etc.
- Develop security scope, KPIs, policies and procedures for various SOC activities.
- Defined workflows for the day-to-day operations of SOC.
- Ensure timeline, scope, quality and resources are managed in line with committed deliverables.
- Developed playbooks for analysis and incident remediation.
- Participate in security design discussions with various teams (technical and management) and provide advice on how the SOC can be used effectively.
- Installing, updating and upgrading the SIEM solution.
- On-boarding log sources and working on log source issues.
- Create and fine-tune content in SIEM: Correlation Rules, Dashboards, Reports, Lists etc.
- Interact with SIEM vendor TAC (support) to fix any issues with SIEM.
- Mentor L1 and L2 security analysts.
- Assist in analysis of P1 alerts and alerts that require involvement of multiple teams.
- Evaluate new solutions for the SOC team.
- Experience in creating reports and KPIs for a C-level audience.
- Experience of integrating tools with SOAR and designing incident response workflows in a SOAR platform.
- Hands-on experience in writing custom scripts (Python and Regex) for task automation.

Interested candidates, kindly fill in the details below and share your updated resume to ajupendra@LKQCORP.com

Years of Experience:
Current CTC:
Expected CTC:
Current Location:
Currently you have PF / Provident Fund deduction with your company?:
Notice Period:
LKQ India
18.0 - 33.0 Lacs P.A.