Job Responsibilities:-
Worked on Snypr, a big-data-based security analytics tool that combines SIEM, UEBA and log management to detect advanced cyber threats.
Worked on SIEM implementation, including incident management; SIEM administration, installation and configuration; use case management; threat models and policy configuration; correlation rules; data source onboarding; log analysis and event monitoring; dashboard design; reports and workflows.
Handled incidents of critical, high and medium severity in Splunk Enterprise Security, including phishing, UEBA alerts, network, endpoint and application incidents, malware targeting the bank's proprietary applications, and APTs.
Performed weekly threat hunting exercises in Splunk by analyzing logs (API, WAF, firewall, proxy, antivirus, Active Directory, endpoint, etc.) and prepared an executive summary report covering the findings, IOCs and MITRE ATT&CK TTPs.
Set up secure syslog (TLS) on the RHEL 7 platform.
Set up firewall rules on the RHEL 7 platform. Knowledge of WAF.
Strong understanding of network security terminology such as DLP, IDS, IPS, CASB, application security, endpoint security and data protection.
Knowledge of networking concepts, protocols and networking devices.
Knowledge of vulnerability management.
Knowledge of Splunk.
Certification :-
CEH v9 | Splunk Enterprise Certified Architect | CompTIA Security certified
Experience : 2 - 8 Years
No. of Openings : 5
Education : B.C.A, B.Sc, B.Tech/B.E
Role : Security Analyst
Industry Type : IT-Hardware & Networking / IT-Software / Software Services
Gender : [ Male / Female ]
Job Country : India