Hello, Hope you are doing good.
We have an immediate opening for the below position, kindly let me know your interest with your updated resume at *bhara...@accurogroup.com <bhara...@accurogroup.com>*. *Through TCS.. * *Security Lead* *Houston, TX* *SN* *Required Information* *Details* 1 Required Technical Skill Set - Security Incident investigations, Threat intelligence management - Experience in leading and managing team spread across multiple locations – US, India - Experience in directly working with the customer and managing customer expectations, project deliverables in coordination with nearshore/offshore team - Ability to perform reactive & predictive security analysis and articulate emerging threats to leadership and team - Situational awareness of cyber activity by reviewing open-source reporting for new vulnerabilities, malware, or other threats that have the potential to impact the organization - Vulnerability Management and remediation - Good knowledge & working experience on SIEM solutions such as Splunk for log management, event correlation, security incident management, SIEM architecture - Experience in defining alerts, reports and dashboards 3 Desired Experience Range *Min. 10 years* *Desired Competencies (Technical/Behavioral Competency**)* Must-Have 1. Team management with good Information security technical expertise and ability to frontend customer interactions 2. Security incident investigations using SIEM & EDR solutions. 3. Experience in *Security Incident Response Lifecycle* 4. Experience in defining SOC monitoring usecases and operationalizing them through SOPs, and SIEM based alerts / reports. 5. Experience *understanding and interpreting Threat intelligence *from various external sources including validation of related IOCs in customer environment 6. Good understanding of *Vulnerability Management *process including scanning, executive reporting and remediation tracking 7. Should have *good conceptual understanding* of Windows, Linux operating systems & Networking – TCP/IP Protocol Suite 8. Should understand the *functioning of Security Technologies* including Anti-virus, Firewalls, Intrusion Prevention, Packet Capture tools, Remote access technologies etc. 9. *Understanding of common network services* (web, mail, DNS, FTP, etc.), network vulnerabilities, and network attack patterns 10. Possess knowledge and experience in Threat Ecosystem, remediating Malware, Rootkits and Botnets 11. Strong analytical and problem-solving skills 12. Good organization skills to ensure coordination and smooth hand-offs between onshore & offshore/nearshore teams 13. Strong communication (verbal and written) and interpersonal skills 14. Project Management experience with an ability to mentor the team and meet delivery objectives Good-to-Have Certifications preferred - CISSP, GCIH, GCFA, CHFI, CEH, SEC+ Experience in System forensics would be an added advantage Executive briefing & reporting skills with attention to detail *Responsibility of / Expectations from the Role * 1. Lead the team with accountability to ensure overall delivery requirements are met 2. Responsible Security event triage and security incidents investigations, including support for forensics analysis. 3. Conduct proactive threat and compromise analysis by reviewing reports to understand threat campaign(s) techniques, lateral movement and extract indicators of compromise (IOCs). 4. Monitor, evaluate, and assist with the maintenance of assigned security systems in accordance with industry best practices to safeguard internal information systems and databases 5. Analyze a variety of network and host-based security appliance logs determine the correct remediation actions and escalation paths for each incident. 6. Ability to conduct packet analysis and articulate findings to fine-tune alerts 7. Conduct advanced use case development leveraging all product features (trends + variables + hierarchal architectures, Pattern Discovery) 8. Responsible for security incident response and documentation of investigation reports 9. Prioritize & determine events that are relevant for immediate action, which are wait and watch and which are not relevant 10. Maintain an expert understanding of vulnerabilities, response, and mitigation strategies used to support cyber security operations 11. Serve as point of escalation for Level 2/1 Security Analysts 12. Tune all security appliances for relevant alerting levels 13. Work closely with all Security Operations staff to ensure 24x7 availability. *Role- 2* *Role – SOC L3/ SOC Lead .* *Experience-7-12 years* *Contract* *Responsibilities:* · Graduate with 5-8 years’ experience of working in IT Security. · Good Knowledge of Incident Management. · Experience in working High Severity Complex Cyber Security Incidents that involved multiple Business Functions and Technology Teams. · Good Data Analysis and Presentation skills. · Good Communication skills. · Good understanding of MITRE ATT&CK Framework *Personal Characteristics:* · Strong communication skills, ability to work comfortably with different regions · Actively participate within internal project community · Good team player, ability to work on a local, regional, and global basis and as part of joint cross location initiative. · Self-motivated, able to work independently and with a team · Able to perform under pressure. *Job Description* 1. Provide the first-line supervision of Security Operations Center (SOC) services to ensure delivery within the agreed service levels. 2. Performing the real time analysis of security events from multiple log sources and participate in providing containment recommendations. 3. Candidate has sound understanding of RSA Netwitness, UEBA, Carbon Black EDR, Fire eye ETP/Nx, MS O365 - Microsoft Defender, Phishing mail analysis and recorded future threat detection platforms. 4. Contribute to the development and improvement of security detection, Incident response process and solutions are required to support ongoing operations. 5. Proactive detection, threat hunting and IOC enrichment and analysis 6. SIEM tool management and day to day operations. 7. Maintain Standard Operating procedures, Processes for SOC 8. Resolve the problem independently and manage the first level escalations. 9. Understanding of TCP/IP stack, OSI model, Network protocols and cyber security attacks. 10. Preparing the SOC monthly and weekly report. 5 years of work experience of Cyber security in SOC Operation in a Medium/Large Global Organization. Excellent verbal, written, and analytical skills. Ability to work well in team environment. Ability to adopt new technologies and tools. Able to work in 24/7 if required *Bharat Chhibber | Sr. Technical Recruiter* *Direct: 919 626 9615 | EMAIL bhara...@accurogroup.com <bhara...@accurogroup.com>* -- You received this message because you are subscribed to the Google Groups "Android Discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-discuss+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/android-discuss/CAEmgVe00X9n2p2UM%2BK8Tk21t7VYL3X-qXPp92Ns6bNN-sCgzeQ%40mail.gmail.com.