Network Security Analyst, QRadar / SIEM support must, Bartlesville, OK

The following requisition has been assigned:
Contract: Long Term
TITLE: Network Security Analyst
STATUS: Open
LOCATION: Bartlesville, OK, United States
# of Openings: 1

Requisition Details:

QRadar / SIEM support

Administrative Activities:
- Ensure QRadar tool availability, 99.XX% uptime
- Monitor, advise on required compute, storage and Network (BW) resources for optimal IBM QRadar operations (performance and Capacity Threshold definitions, corrective actions following any threshold breaches)
- Define SOPs/WI on actions to be performed by Monitoring team following an event trigger
- Create Custom and Routine Report templates per business needs
- Assist Security teams in Audit activities
- Furnish Log Data, Forensics data and analysis as and when needed
- Backup and Restore procedures

Operations and Support Activities:
- 24x7 SIEM Event monitoring, eyes on the monitor
- Perform Backup and Restore activities
- Generate Periodic and Custom reports

Tenable / VM support engagements

Administrative Activities:
- Ensure VA tool availability, 99.XX% uptime
- Hygiene, Runbook activities to ensure the tool and the underlying infrastructure availability
- Add, Change and Delete Assets to be scanned
- Monitor, Advise on required compute, storage and Network (BW) resources for optimal VA scan operations
- Create and schedule scan jobs based on the criticality, geo, business importance of assets
- Define SOPs/WI on actions to be performed by operations team following a scan job failure
- Create Custom and Routine Report templates per business needs
- Assist Security teams in Audit activities
- Integrate and monitor Threat intelligence feeds
- Backup and Restore procedures

Operations and Support Activities:
- Troubleshoot and resolve failed scan job
- Escalate complex incidents to Admin/L3 teams

Fidelis support

Administrative Activities:
- Ensure Fidelis IDS systems availability, 99.XX% uptime
- Hygiene, Runbook activities to ensure the complete IDS operations
- Signature updates
- Create custom rules / configure out of box rules (included)
- Minor SW and FW upgrades
- Assist Security teams in Audit activities
- Integrate and monitor Threat intelligence feeds

Operations and Support Activities:
- 24 x 7 Event Monitoring
- Daily Health checks and routine maintenance (included)
- Capacity Management (included)
- 1st Level triage and incident resolution
- Incident escalation with expert commentary on identified incidents
- Assist Network and Systems in issue resolution when appropriate
- Provide intrusion details, assist Security SMEs in compromised asset isolation
- Provide workaround to restore services when possible
- Assist in sandboxing when required
- Generate Periodic and Custom reports

Thanks & Regards,
Suman Bakshi (Sam)
SourceChip, Inc | Email: s...@sourcechip.net
Phone: 732-917-4895 | www.sourcechip.net
https://www.linkedin.com/in/sumanbakshi