Senior Associate Engineer - Security

Job Overview:ISSQUARED Inc is looking for a Senior Information Security Operations Analyst to be the lead role in maintaining and enhancing the Cybersecurity posture for clients and the company. The ideal candidate maintains a hands-on approach to major facets of Information Security: incident Response, Vulnerability Management, End Point Detection and Response, Logging and Monitoring and exhibits an ability to work collaboratively with various stakeholders to ensure success with all InfoSec related programs. This will encompass a wide variety of systems (Windows and Linux), networks and telecommunication infrastructure components to meet business security needs. This position will need to implement and maintain security best practices while coordinating with the Leadership teams to complete that work. Ongoing work will also include remediation of items identified in internal/external Audits, PEN Testing, and tickets/alerts from the SOC and security tools. The Senior Operations Analyst/Manager will also be responsible for providing monthly metrics and reporting for ongoing Security work and overall security posture. Additional tasks will include but not limited to

Working Conditions:Flexible to work in Shifts.

Key Responsibilities:

• Have experience in SOC monitoring, working knowledge in any of the SIEM tools like FortiSIEM, ArcSight, Qradar, Splunk, McAfee Nitro, and AlienVault USM Anywhere.

  Preference for candidates with prior FortiSIEM experience.

• 24x7 Active monitoring of Security events using SIEM (based on standard operating procedure).
• Monitor network security events on SIEM consoles and other systems available and take appropriate action based on security policy.
• Responsible for troubleshooting agent software issues.
• Reviewing reports to ensure quality and accuracy.
• Analysis of log files, including forensic analysis of system resource access.
• Working on connected firewalls and IDS/IPS systems
• Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns is a must.
• Strong analytical and problem-solving skills.
• Understand cyber - attack methods, perform analysis of security logs in an attempt to detect unauthorized behavior, provide daily reports to Manager.
• Analyze network traffic patterns, system logs, and audit files for compliance with security policies.
• Ability to communicate and listen effectively.
• Hands-on experience and ability to do Root cause analysis, Problem & Capacity Management.
• Experience in FortiSIEM, McAfee DAM / NIPS / SIEM / DDOS / ArcSight / Symantec DLP / Websense DLP / DLP / Bluecoat / Websense Proxy / MacAfee Web Security / Force point / Splunk.

Preferred Skills:

• Not less than 4 years of relevantexperience.
• Excellent customer facing skills with fluency in written and spoken English.
• Bachelors degree in Science or higher. (B.E/B.Tech preferred).
• CCNA / SIEM technology certified (FortiSIEM, ArcSight, Qradar, Splunk, and McAfee Nitro).
• Stakeholder management & should have excellent communication skills
• Preferred certification CEH, CCNA, CCNP, MCSE
• Knowledge of ISO 27001:2013, PCI DSS compliance
• Ability to quickly scale up and learn technologies outside of core areas of expertise.
• Understanding of ITIL concepts and processes.