Process
- Handle day-to-day operational issues, requests and project tasks
- Incident response and resolution within SLAs, applying good analytical and troubleshooting skills
- Escalate to L3/Lead to avoid SLA breaches on high-priority incidents
- Provide L3/Lead with all necessary details about the issue: steps taken, recommendation and any other relevant information
- Ticket status check and update
- Respond to false positive alerts
- Incident escalation and progress monitoring
- Create, review, update and maintain Standard Operating Procedures
- Perform shift handovers

Vulnerability Management
- Configure, maintain and troubleshoot vulnerability management applications such as Qualys and Rapid7
- Perform vulnerability assessments over the client infrastructure
- Validate and exclude vulnerabilities based on customer requirements
- Create vulnerability management dashboards and prepare trending reports

SIEM/IDR/MDR
- Install, configure, maintain and troubleshoot the SIEM/IDR/MDR environment
- Perform security event detection and threat analysis
- Provide log/network/malware/device analysis for remediation of security vulnerability conditions
- Validate log sources and indexed data; search through the indexed data to optimize the search criteria
- Eliminate false positives
- Create reports and dashboards
- Perform upgrades to the environment based on the documentation provided

SolarWinds (Orion)
- Install, configure, maintain and troubleshoot SolarWinds Orion components, including NTA and SAM
- Configure and troubleshoot SNMP- and WMI-based monitors
- Configure and troubleshoot adding/modifying/deleting devices
- Configure and troubleshoot URL monitoring
- Configure and troubleshoot ESXi, Linux and MS Cluster resource monitoring
- Add devices to or remove devices from maintenance
- Configure and troubleshoot adding/modifying/deleting thresholds for devices
- Schedule or generate manual/custom reports
- Eliminate false positives
- Perform checks to ensure all systems report CPU, memory and appropriate interface bandwidth, or any other metrics configured for the device
- Perform upgrades to the environment based on the documentation provided
- Prepare technical documentation

LogicMonitor
- Configure and troubleshoot SNMP-, WMI- and SSH-based monitors
- Configure and troubleshoot adding/modifying/deleting devices
- Configure and troubleshoot ESXi, Linux and MS Cluster resource monitoring
- Configure and troubleshoot URL monitoring
- Configure global settings such as importing/modifying LogicModules (DataSource, ConfigSource, etc.)
- Add devices to or remove devices from maintenance
- Configure and troubleshoot adding/modifying/deleting thresholds for devices
- Schedule or generate manual/custom reports
- Eliminate false positives
- Configure user roles as requested and add/delete users in LogicMonitor
- Prepare technical documentation

Incident Response
- Maintain the log forwarder and other agents within the network that forward events to the Threat Intelligence service
- Screen inbound notifications and triage them based on customer-approved procedures
- Contain high-impact incidents by escalating to the operations team, or assign them to customer contacts if beyond the scope of the operations team
- Identify security breaches, take action to stop them and prevent them in the future
- Monitor and respond to phishing emails and pharming activity
- Provide guidance to staff on issues such as spam and unwanted or malicious emails
- Perform post-incident root cause analysis
- Evaluate/deconstruct malware using vendor-provided tools
- Coordinate responses to security incidents and investigations, including root cause analysis and malware analysis
- Analyze the weekly threat report and notify about any unusual trend

Teamwork
- Train and mentor peers and juniors in the team
- Validate the quality of work performed by peers and juniors in the team
- Coordinate with various teams such as monitoring, backup and network to ensure proper functioning of all servers and their services