Job Description

Track Incident detection and reporting
Incident closure & escalation
Periodic review of usecases & Identify new alert requirement based on industry best practices & changes in the environment
Ensure services are being provided within SLA parameters
Ensuring logs are received in both DC & DR, Usecases deployed are same in DC & DR. Alerts/Incidents are handled in both DC & DR
Support integration of new devices/servers/applications to SIEM including log shipping, parsing, reviewing the monitoring requirements and deploying necessary rules for alerts/incidents/reports.
Performing periodic DR drill.
Follow-up with departments for closure of various reports/incidents and escalate the long outstanding issues.
Investigate logs/packets for anomalies and deploying necessary rules for alerts
Identify log outages and submit necessary reports
Compare the trends of logs/alerts of security tools and submit necessary reports
Conduct the first level of forensic analysis in required cases and support expert agencies in required cases for intensive analysis
Any other activities assigned
Comprehensive management experience in leading large scale security operations
Experience in roll out of SIEM, vulnerability management products and security/networking tools
Experience in setting up SOC processes.
Domain experience in threats and vulnerabilities
Knowledge of system administration of Windows, Unix platforms and Security/Networking devices like Firewalls, IPS/IDS, WAF, Deception, DLP, NAC, DAM, PIM, Switches, Routers, VPN Gateways etc.
Thorough understanding of TCP/IP, networking concepts.
Threat Hunting, Packet Monitoring, Digital forensic investigation

Education - BE/B.Tech ...

technical specialist – soc.

job details

experience

the application process.

apply with randstad.

we’ll give you a call.

getting you registered.

compliance check.

related jobs.

senior ms engineer – soc l2

let similar jobs come to you