Cyber Security
Description:
Security Lead
SN
Required Information
Details
1
Required Technical Skill Set
Security Incident investigations, Threat intelligence management
Experience in leading and managing team spread across multiple locations - US, India
Experience in directly working with the customer and managing customer expectations, project deliverables in coordination with nearshore/offshore team
Ability to perform reactive & predictive security analysis and articulate emerging threats to leadership and team
Situational awareness of cyber activity by reviewing open-source reporting for new vulnerabilities, malware, or other threats that have the potential to impact the organization
Vulnerability Management and remediation
Good knowledge & working experience on SIEM solutions such as Splunk for log management, event correlation, security incident management, SIEM architecture
Experience in defining alerts, reports and dashboards
2
No of Requirements
1
3
Desired Experience Range
Min. 10 years
4
5
Location of Requirement
Billing Rate (USD) -
Desired Competencies (Technical/Behavioral Competency)
Must-Have
Team management with good Information security technical expertise and ability to frontend customer interactions
Security incident investigations using SIEM & EDR solutions.
Experience in Security Incident Response Lifecycle
Experience in defining SOC monitoring usecases and operationalizing them through SOPs, and SIEM based alerts / reports.
Experience understanding and interpreting Threat intelligence from various external sources including validation of related IOCs in customer environment
Good understanding of Vulnerability Management process including scanning, executive reporting and remediation tracking
Should have good conceptual understanding of Windows, Linux operating systems & Networking - TCP/IP Protocol Suite
Should understand the functioning of Security Technologies including Anti-virus, Firewalls, Intrusion Prevention, Packet Capture tools, Remote access technologies etc.
Understanding of common network services (web, mail, DNS, FTP, etc.), network vulnerabilities, and network attack patterns
Possess knowledge and experience in Threat Ecosystem, remediating Malware, Rootkits and Botnets
Strong analytical and problem-solving skills
Good organization skills to ensure coordination and smooth hand-offs between onshore & offshore/nearshore teams
Strong communication (verbal and written) and interpersonal skills
Project Management experience with an ability to mentor the team and meet delivery objectives Good-to-Have
Certifications preferred - CISSP, GCIH, GCFA, CHFI, CEH, SEC+
Experience in System forensics would be an added advantage
Executive briefing & reporting skills with attention to detail
Responsibility of / Expectations from the Role
Lead the team with accountability to ensure overall delivery requirements are met
Responsible Security event triage and security incidents investigations, including support for forensics analysis.
Conduct proactive threat and compromise analysis by reviewing reports to understand threat campaign(s) techniques, lateral movement and extract indicators of compromise (IOCs).
Monitor, evaluate, and assist with the maintenance of assigned security systems in accordance with industry best practices to safeguard internal information systems and databases
Analyze a variety of network and host-based security appliance logs determine the correct remediation actions and escalation paths for each incident.
Ability to conduct packet analysis and articulate findings to fine-tune alerts
Conduct advanced use case development leveraging all product features (trends + variables + hierarchal architectures, Pattern Discovery)
Responsible for security incident response and documentation of investigation reports
Prioritize & determine events that are relevant for immediate action, which are wait and watch and which are not relevant
Maintain an expert understanding of vulnerabilities, response, and mitigation strategies used to support cyber security operations
Serve as point of escalation for Level 2/1 Security Analysts
Tune all security appliances for relevant alerting levels
Work closely with all Security Operations staff to ensure 24x7 availability.