Areas of responsibility and tasks | - End-to-end security incident closure
- Whitelisting/blacklisting of malicious URLs on the proxy.
- Proactively monitoring and working to close security incidents reported on the SIEM solution
- Analyse security alerts from antivirus and take proactive action
- Analyse and threat-hunt malicious domains, senders, hashes and zero-day vulnerabilities using open-source tools.
- Run the vulnerability management tool across servers and the network, and coordinate with stakeholders to ensure vulnerabilities are mitigated in a timely manner.
|
Competencies | - You have experience in creating user-oriented documentation and procedures
- You have experience with IT infrastructure, operating systems and networks, preferably based on Microsoft technology
- Configuration and troubleshooting of any one antivirus product: Symantec, Trend Micro or McAfee.
- Antivirus Management: Install, configure, and maintain antivirus software across all endpoints
- Configuration, troubleshooting and management of Cisco AMP and SecureX XDR.
- Monitor and respond to antivirus alerts, ensuring timely investigation and remediation of threats.
- Configuration, implementation and troubleshooting of the Nessus vulnerability scanner
- Identify, assess, and fix vulnerabilities in the system.
- Should be proficient in implementing and managing any one SIEM (Azure Sentinel, HP ArcSight, QRadar SIEM)
- Monitor SIEM alerts and respond to security incidents in real-time, including detailed incident reporting.
- Symantec, Blue Coat, Cisco Umbrella Proxy
- Implement and maintain web filtering policies to block malicious sites and content.
- Good understanding of cloud (Azure).
- Troubleshooting day-to-day security operations issues. Ensure tickets are closed within SLA.
- Collect, analyze, and manage logs from various sources to identify potential security incidents.
- You speak, read and write English fluently
- Preferred experience range is 3-6 years
|