Act as the single point of contact (SPOC) between the client and the company.
Emergency incident response, working with SIEM tools such as QRadar and DNIF, EDR tools such as Carbon Black, and multiple other technologies.
Installation, setup/configuration, troubleshooting, tuning, diagnostics and maintenance of IT security-related equipment.
Carry out proactive and reactive administration of networking and associated applications
Ensure adherence to process
Troubleshoot performance and availability issues on security devices such as IDS, IPS, UTM, Content Filtering solutions, DLP, APT.
Implement Policy Changes
Monitor alerts received from the monitoring systems and take appropriate action based on the defined processes.
Resolution of problems through configuration changes, re-installations or replacements
Follow the SLAs and procedures already defined for security device management
Procedures and KB, known incident resolution, known error handling
Patch updates and signature management
Analyse network traffic patterns, system logs and audit files for compliance with security policies.
Ability to communicate and listen effectively
Hands-on experience and ability to do root cause analysis, problem and capacity management
Inclination towards emerging technologies
Creation of knowledge base
Help the project team with commissioning of new customers and change requests
Self-development through training
Security Tools –
IDS/IPS (TippingPoint/McAfee)
DDoS (Arbor Peakflow/Pravail APS)
Perks and Benefits