Job Seekers, Please send resumes to resumes@hireitpeople.com

• Ability to work with minimal supervision, self-motivated and should be able to manage stakeholders
• Excellent knowledge on using advanced incident analysis and investigation techniques for security incidents to contain and resolve them
• Able to collect and analyze detailed host information through host monitoring tools – including command line tools as necessary
• Experience working in a risk based environment including mitigation, planning and implementation.
• Able to collect and analyze detailed enterprise logs using splunk, collecting logs of systems directly, experience with L1 malware analysis
• Deep Understanding of common Attack Vectors DDoS attacks, Phishing Attacks, and Malware
• Analyze Security related events, user submissions and detected alerts using SIEM and various native security tool management consoles.
• Perform initial triage of same events using established processes to determine criticality, perform containment/corrective actions.
• Record triage activities in security incident response system
• Utilize SIEM tool Splunk effectively in triage events and Splunk search capabilities
• Familiar and should possess multi-domain architectural knowledge/exposure is desired – Windows/Linux/Network/Proxies/Email gateway/Tanium/FireEye/Symantec, should be able to use tools such as Wireshark or equivalent tools, security alert monitoring using Splunk or other SIEM tools experience
• Vulnerability scanning using Qualys or any other tool, experience with vulnerability remediation activities, qualify new vulnerabilities and impact to the environment, patch governance activities
• Others – Must be able to build relationships with internal/external stakeholders and achieve the security incident resolution; Should be comfortable to work with onsite/offshore teams and provide technical guidance/leadership to offshore teams
• Articulate Client requirement to internal team/developers to arrive defined scope of the project.