Job
Description
Responsible for engineering and proper functioning of the Global Security tooling estate. Security Orchestration and Automation for the Infosys Quartz Security Operations team and Global security tooling landscape to empower Security operational teams to improve their response process. Responsible for on boarding of data sources into the SIEM, ensuring the Threat and vulnerability tooling landscape work correctly and security monitor the right assets and other security tools used in Infosys Quartzl run smoothly and empower the Security Operational teams to have relevant data to understand what is going on in cyber security landscape and are able to make the right priority calls. Continuously improve Integration and automation of the Global Security tooling estate Close collaboration with the Infosys Quartz Security operations and other Operational teams, Architecture and Engineering teams and other Business units to align activities, drive improvements and has the right priorities set for maximum effect. Review and improve security requirements set in policies / standards and guidelines and make sure that these are following industry best practice. We tend to look for people with: Essential:Experience as a Security engineer Experience working with Security Operations, Security engineering and security analysts teams Advanced experience with Security Orchestration, Automation, and Response (SOAR) Solid understanding of DevSecOps, Networking, Security and Monitoring Awareness of security threats and defensive strategies within the critical infrastructure, including techniques, tactics, and procedures (TTPs) that threat actors utilize to attack an organization. Experience with several of the following: SIEM / Splunk (strongly preferred), Kibana / ELK Lacework Wiz Prisma Rapid7, c3m, whitehat (strongly preferred) Imperva, Database security monitoring Anomoli DevOps Azure, GCP, AWS, OSI cloud services MySQL / PostgreSQL PowerShell Strong understanding and hands-on experience in maintaining or security monitoring a number of the below: Microsoft 365, Windows Desktop and Server, Active Directory RedHat Enterprise Linux or derivatives Debian Linux or derivatives Strong understanding and ability to setup various platforms in an advance matter with: Network essentials such as IPv4, IPv6 networking Host and Network firewalls Standard host monitoring via SNMP and tools like Nagios, Cacti, Zabbix etc Experience in working with a wide range of stakeholders in the context of improving security and incident respond. Experience with monitoring and analytics solutions (e.g. Arbor threat mitigation suite, Splunk, Grafana, Elastic Stack etc.). Desirable: Bachelor or Masters Degree in computer sciences or related fields (or equivalent years of experience).
