Security Eng & Ops

Year    Pune, Maharashtra, India

Job Description




Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!


As our Security Operations Engineer L1 you will be part of a fast-paced SOC team and cover broad aspects of Qualys cyber security monitoring and incident response operations. Working closely with the SOC Manager/Lead and Cyber Fusion Center Security Engineers, your role is to help coordinate and report on identified cyber security incidents affecting Qualys on-premises and cloud infrastructure, the Qualys Cloud Platform, our products, services and customers. This role requires strong technical analytical skills, accurate analysis of security-related problems and a well-rounded networking background.

Key Responsibilities:
  • Work in a 24x7 Security Operations Center (SOC) environment. Provide security monitoring, analysis and trending of security log data from a large number of systems managed through a SIEM platform. This involves handling events such as security breaches, threats and user security related issues.
  • Analyze and investigate cyber threats on a real-time/day-to-day basis, including alert review, log analysis and event/incident correlation.
  • Monitor and analyze cyber security events/incidents using SIEM tools such as Qualys XDR/EDR, Elastic Enterprise and Wazuh.
  • Work with other SOC L1 engineers for SOC incident queue monitoring for all automated reported incidents in our ticketing SOC queue.
  • Conduct incident investigation, initial triage and ticket validation for all reported incidents and document in respective incident tickets.
  • Document work and reports in incident tickets with required artifacts and brief details.
  • Validate your incident tickets with SOC L2 engineers after documenting all required artifacts and initial triage.
  • Participate in security incident response efforts, having knowledge of common security exploits, vulnerabilities and countermeasures. Coordinate with Security System engineers and Threat Intel engineers to continuously improve the accuracy and efficiency of the Security monitoring and response process.
  • Integrate and share threat information with other team members.
  • Identify IOCs of various ongoing campaigns from multiple Threat Intelligence Advisories and Internal Threat Intelligence Platform. Conduct IOC based discovery for threat identification in Qualys environments.
  • Generate reports from security solutions and prepare reports for management presentations.
  • Analyze phishing emails reported by internal users using the defined process and procedures.
  • Work with the SOC analysts to develop correlation logic and signatures for the supported security tools; establish, maintain and grow the value of current and future partner relationships.
  • Manage the entire life cycle of security incidents, investigate them and drive them to appropriate closure.


Knowledge and skills required:
You will have experience of managing and maintaining security tools within a global SOC environment. Technical expertise in the following would be beneficial:
  • Basic understanding of one or more of the following: SIEM, NIDS/NIPS, endpoint security toolsets, DLP and network security technologies, for example Qualys XDR, Elastic Enterprise, Splunk or Wazuh.
  • Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix.
  • Knowledge of TCP/IP protocols (TCP/IP stack, SSL/TLS, IPsec, SMTP/IMAP, FTP, HTTP etc.), network analysis, and network/security applications
  • Knowledge of common Internet protocols and applications
  • Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies
  • Understanding of tools such as SIEM, SSL, packet analysis, HIPS/NIPS and network monitoring tools.
  • Understanding of common Attack methods and their SIEM signatures
  • Understanding of operating system, web server, database and security device (firewall/NIDS/NIPS) logs and log formats
  • Strong analytical and problem-solving skills
  • High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
  • Passionate about the cybersecurity domain and inclined to learn current technologies, concepts and improvements.
  • Knowledge of cyber security frameworks and attack methodologies
  • You will be required to work in shifts (morning, afternoon, evening) on a rotation basis supporting 24x7 operations.
  • Relevant industry certifications such as CompTIA Security+, EC-Council, SANS are a plus.


Qualifications:
  • Bachelor's degree in Computer Science, Information Technology, or a related field.
  • Ability to interact effectively at all levels with sensitivity to cultural diversity.
  • Ability to adapt as the external environment and organization evolves.
  • Ability and readiness to learn new technology; a good team player.
  • Excellent verbal and written English communication skills.


Job Detail

  • Job Id
    JD3241493
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Pune, Maharashtra, India
  • Education
    Not mentioned
  • Experience
    Year