Hello, Hope you are doing good.
We have an immediate opening for the below position, kindly let me know your interest with your updated resume at *bhara...@accurogroup.com <bhara...@accurogroup.com>*. *Through TCS.. * *Security Lead* *SN* *Required Information* *Details* 1 Required Technical Skill Set - Security Incident investigations, Threat intelligence management - Experience in leading and managing team spread across multiple locations – US, India - Experience in directly working with the customer and managing customer expectations, project deliverables in coordination with nearshore/offshore team - Ability to perform reactive & predictive security analysis and articulate emerging threats to leadership and team - Situational awareness of cyber activity by reviewing open-source reporting for new vulnerabilities, malware, or other threats that have the potential to impact the organization - Vulnerability Management and remediation - Good knowledge & working experience on SIEM solutions such as Splunk for log management, event correlation, security incident management, SIEM architecture - Experience in defining alerts, reports and dashboards 3 Desired Experience Range *Min. 10 years* *Desired Competencies (Technical/Behavioral Competency**)* Must-Have 1. Team management with good Information security technical expertise and ability to frontend customer interactions 2. Security incident investigations using SIEM & EDR solutions. 3. Experience in *Security Incident Response Lifecycle* 4. Experience in defining SOC monitoring usecases and operationalizing them through SOPs, and SIEM based alerts / reports. 5. Experience *understanding and interpreting Threat intelligence *from various external sources including validation of related IOCs in customer environment 6. Good understanding of *Vulnerability Management *process including scanning, executive reporting and remediation tracking 7. Should have *good conceptual understanding* of Windows, Linux operating systems & Networking – TCP/IP Protocol Suite 8. Should understand the *functioning of Security Technologies* including Anti-virus, Firewalls, Intrusion Prevention, Packet Capture tools, Remote access technologies etc. 9. *Understanding of common network services* (web, mail, DNS, FTP, etc.), network vulnerabilities, and network attack patterns 10. Possess knowledge and experience in Threat Ecosystem, remediating Malware, Rootkits and Botnets 11. Strong analytical and problem-solving skills 12. Good organization skills to ensure coordination and smooth hand-offs between onshore & offshore/nearshore teams 13. Strong communication (verbal and written) and interpersonal skills 14. Project Management experience with an ability to mentor the team and meet delivery objectives Good-to-Have Certifications preferred - CISSP, GCIH, GCFA, CHFI, CEH, SEC+ Experience in System forensics would be an added advantage Executive briefing & reporting skills with attention to detail *Responsibility of / Expectations from the Role * 1. Lead the team with accountability to ensure overall delivery requirements are met 2. Responsible Security event triage and security incidents investigations, including support for forensics analysis. 3. Conduct proactive threat and compromise analysis by reviewing reports to understand threat campaign(s) techniques, lateral movement and extract indicators of compromise (IOCs). 4. Monitor, evaluate, and assist with the maintenance of assigned security systems in accordance with industry best practices to safeguard internal information systems and databases 5. Analyze a variety of network and host-based security appliance logs determine the correct remediation actions and escalation paths for each incident. 6. Ability to conduct packet analysis and articulate findings to fine-tune alerts 7. Conduct advanced use case development leveraging all product features (trends + variables + hierarchal architectures, Pattern Discovery) 8. Responsible for security incident response and documentation of investigation reports 9. Prioritize & determine events that are relevant for immediate action, which are wait and watch and which are not relevant 10. Maintain an expert understanding of vulnerabilities, response, and mitigation strategies used to support cyber security operations 11. Serve as point of escalation for Level 2/1 Security Analysts 12. Tune all security appliances for relevant alerting levels 13. Work closely with all Security Operations staff to ensure 24x7 availability. *Bharat Chhibber | Sr. Technical Recruiter* *Direct: 919 626 9615 | EMAIL bhara...@accurogroup.com <bhara...@accurogroup.com>* -- You received this message because you are subscribed to the Google Groups "Android Discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-discuss+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/android-discuss/CAEmgVe1RVhOkZqGtNtQyg-XA9j7RzHwgux1Njq4Qxezhejdu9Q%40mail.gmail.com.