Job Description

Role xe2x80x93 Cyber Security Engineer with any Antivirus exp.Location xe2x80x93 Gurugram, Gr. Noida, HYD, Pune, BangaloreExperience: 6+ YearsNotice : 15 DaysFTE or SubconMandatory: Antivirus experience with DefenderInvestigate incidents from security perspective for any security breach and assess associated impact. Ensure learnings from security incidents are tracked and incorporated. Hands-on experience on IT and security applications for daily monitoring and incidents investigations xe2x80x93 McAfee antivirus, Defender for Endpoint, Defender for O365, Defender for Cloud Apps, Intune, Azure Sentinel, Barracuda & Fortinet IPS/IDS. Capture existing or potential risks to project or customer infrastructure, its probability and impact and subsequent mitigation plan in a risk register Stay updated with Cyber Security trends in the industry and continuously identify improvements in security practices. Maintain constant communication with customers to understand their vision and expectation from Cyber Security and identify any potential escalations. Organize monthly reviews with customer security teams to review the monthly security report and document actions derived from the meetings. Maintain a security actions tracker and organize weekly governance reviews with customer security teams to track closure. Stay updated on the latest vulnerabilities and zero day threats in the industry. Maintain the vulnerability management program to ensure the managed IT environment is secured against vulnerabilities. Conduct regular vulnerability scans for internal endpoints (Nessus PRO) and public facing interfaces (Tenable) at agreed frequency. Share regular updates with customer security team and highlight instances wherein there is customer dependency or any challenge in remediation of any vulnerabilities Ensure security use cases are configured in SIEM tools (Alienvault, Azure Sentinel) and alerts triggered are being investigated. Regular review of SIEM tools for storage consumption and new uses cases to be configured. Ensure SIEM tools are integrated with ticketing tool (ServiceNow) and tickets are being logged properly for alerts being generated. Organize reviews with monitoring team to ensure they are through with the monitoring process and identify improvements/learning opportunities. Should have knowledge to run pen test for EG (Weak Password Scripts or Dictionary attaks) Should have good experience in configuring the policy of endpoint security tools (AntiVirus, Email Security, Web URL filter) Should have knowledge of PCI vulnerability assessment or certification in Vulnerability assessment. Should have knowledge of Audits (ISO-27000) SOC 1 & Soc2 and Cyber Essentials.

NConsulting