CONSULTANT
Description:
Posting).
Job Description for SIEM Analyst/Incident Responder/Threat Hunter
HCL CSFC provides a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.
CSFC Noida is looking for an experienced SIEM Analyst professional candidate to join its team.
Candidate Persona
Ability to work with very large and complex network.
Self-motivated individual and creative thinker who will take ownership of tasks and projects, able to work with the team, and manages tasks effectively and has a proven track record of consist and organized outputs.
The ideal candidate will demonstrate an eagerness to understand complex problems and requirements, an aptitude for translating these problems into workable designs and solutions, and will possess a keen eye for detail.
This position is based in Noida, India
Skills Required 4+ years for L2 8+ years for L3: Hands-on experience in 2 or more of the SIEM Analysis and SIEM content management areas
Having knowledge/experience on any SIEM tools or Experience on IDS (Intrusion Detection systems) platform and Network Security roles.
Exposure to Mitre framework and equivalent, Hands on experience in EDR platforms and threat analysis, threat hunting/incident response experience.
Experience and knowledge in Network security/ System Security/ Endpoint Security.
Experience of Event Monitoring and analysis and escalations. Provide inputs for content management.
Experience on Monthly, Weekly and daily reporting.
Willing to work on 24/7 operations.
Review SIEM escalated incidents and qualify true positives
Provide a monthly trend and security analysis summary report
Provide SIEM event/Incident analytics support
Provide log analysis summary and recommendations on detection/protection of incidents
Perform advanced triages and work in collaboration with resolved groups, third party or with designated customer contacts
Liaise between cross functional teams and assist in formulating security incident response report
Advocate protection and mitigation strategies to be implemented from lessons learnt exercises
Soft skills
Shall have good verbal/written communication skills
Should be willing to work in 24x7 environments
From time to time travel opportunities may be assigned
Incumbent should carry continual system improvement mindset and able to demonstrate in work.
Client facing technical analysis report and presentation skills
To clealry understand the client's cybersecurity environment and respective technological products. (2.) To identify and mitigate cybersecurity gaps in the client's environment and Skill Enhancement (3.) To complete assigned projects and tuningortechnical enhancement activities within the agreed timelines and support in the maturation of client's security postureorcomplianceorprocesses through idea generation and value creation. (4.) To analyse security concerns in Change Management Process and implement tools for Cyber Security improvement. (5.) To investigate cybersecurity incidents, perform RCA, work and coordinate with teams for all the ongoing critical security issues. (6.) To enable knowledge transfer through creationor maintenance of process documents; and training for specific tools to ensure all team members are updated on the tools and processes used (7.) To update client and stakeholders on current project progress and ongoing critical issues
Qualification
B.E, BCA, BSc, B-Tech, M.E., M.Sc, M.TECH, MBA, MCA
No. of Positions
1
Skill (Primary)
Information Security-SIEM expert-SIEM expert
Auto req ID
1384708BR
Full time