IT / Telecom - Software
INDUSTRY
Software Services
SPECIALIZATION
Application Programming , Database Administration ( DBA ) , Software Engineer , System Security
QUALIFICATION
Any Graduate
Job Description
1. Level 1 Requirements. Meets Level 1 Requirements.
2. Proficient knowledge and understanding of TCP/IP, UDP, ICMP, and other common networking protocols.
3. Advanced understanding of security aspects of common services such as HTTP/S, SMTP, DNS, SMB/Samba, WINS, and LDAP, etc.
4. Technical understanding of Windows Server administration, Windows endpoint OS and Linux OS.
5. Proficiency to expert-level knowledge of the following:
a. Network/Security device functions, such as routers, switches, IDS/IPS, anti-virus, firewalls, and proxies.
b. Windows and Linux operating system security challenges and vulnerabilities.
c. Database security issues (SQL, Oracle).
d. Attack activities – address/port scans, man in the middle, sniffing, Bruteforce attacks, SQL Injection, Cross-site scripting DoS, DDoS, File-less ‘malware’, and able to explain technical aspects of malware such as worms, Trojans, and viruses.
6. Familiarity with Cyber Kill Chain methodology and attack vectors
7. Must have knowledge of defensive measures to identify, detect, protect, and respond information, information systems, and networks from threats.
Skills and Abilities
1. Must be able to validate events escalated from L1, including review of the base event, conducting follow-up SIEM (ArcSight or Splunk searches), and then interpret the follow-up actions for either internal or external escalation when required.
2. Must be able to provide advanced event analysis, incident detection, and escalation to L3 Analyst, Engineer and the SMC Director.
3. Must lead, coach, train, and develop L1 analysts.
4. Must have great customer service skills – demonstrating responsiveness, attention to detail, commitment to quality, and persistence in resolving customer issues.
5. Must have advanced technical writing skills
6. Must have strong communication, analytical, and problem-solving skills.
7. Must possess a strong work ethic that demonstrates self-initiative, discretion, and ability to meet challenges head on.
8. Must be able to work with SIEM content engineers to propose new use-cases or tuning requirements based on existing alerts and log feeds.
9. Must have strong collaboration skills to work with a global team.
Experience
Required Experience:
1. 1 to 2 years working within the information security field, with emphasis on security operations, incident management, intrusion detection, firewall administration, and security event analysis or applicable education in the above areas.
2. Experience working with firewall, IDS/IPS, DNS, anti-virus, SIEM, web content filtering, network/vulnerability scanning and authentication technologies.
3. Experience with any enterprise level ticketing system.
Desired Experience:
1. Experience working in a Security Operations Center or Network Operations Center environment.
2. Working knowledge of SIEM technology - ArcSight and/or Splunk experience is a bonus.
Education:
Associate degree or equivalent experience.
Education: Associate degree or equivalent experience.
Job Posted by
Company: Fiserv India Pvt Ltd
Website: http://www.fiserv.co.in
Industry: Technology (IT, Telecom, Dot Com etc) (Software Consulting, Software Services Companies)
Company Turnover
100 - 500 Crores
Company Size
1001 - 5000 Employees
Comments
Post a Comment