Varian Medical Systems India Software Pvt Ltd
The following is a description of some of the job's requirements:
-Reviews and collects asset data (configs, running processes, etc.) on systems for further investigation.
-Determines and directs remediation and recovery efforts.
-Performs deep-dive analysis of security incidents.
-Works on developing and fine-tuning SIEM use cases and develop ideas for new dashboards.
-Recognizes successful/potential intrusions and compromises through review and analysis of relevant event detail information.
-Should have hands-on experience in handling Advanced Persistent Threats (APTs).
-Knowledge of typical security devices such as firewalls, intrusion detection systems, anti-virus, anti-spam, etc.
-Should understand Vulnerability Management. Experience in certificate management is a plus.
-Knowledge of Microsoft EDR is a plus.
-Threat Analysis: Analyzes security system logs, security tools, and available data sources on a day-to-day basis to identify attacks against the enterprise. Reports on any irregularities, improper access patterns, trends, and event correlations, and makes suggestions for detection rules and system tuning.
-Incident Response: Performs incident response activities and ensures that proper protection or corrective measures have been taken when an incident has been discovered.
-Incident Response: Independently follow procedures to contain, analyze, and eradicate malicious activity.
-Incident Response: Develop and maintain technical documentation and Standard Operating Procedures (SOPs), and train staff on them.
-Reporting: Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
-Threat Hunting: Conduct proactive threat research.
-SPAM/Phishing analysis: Executes analysis of email-based threats, including an understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures.
-Malware analysis: Executes automated malware analysis to determine initial threat impact and takes actions appropriately.
-Experience working in a multi-vendor environment.
-Communication - Ability to communicate across all levels of the organization with people of various technical backgrounds.
-Good understanding of Risk Management Frameworks.
-Analytical, self-motivated, critical thinker who can analyze and identify basic indicators of compromise on hosts and applications.
-Interpersonal skills and professional demeanor: Respond to customer inquiries in a timely manner, guiding and advising customers on security best practices in a friendly manner.
-Good understanding of network security architectures, standards, tools, and methodologies (firewalls, proxy servers, email gateways, Access Control Lists, VLANs, Layer 3 switches, etc.)
-Understanding and knowledge of security attack vectors
-Knowledge of TCP/IP and network packet analysis.
-Experience with Windows, Mac, and Linux operating systems
-UNIX/Linux security best practices
-Windows security best practices
-Develops and executes security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce, and web-based systems.
-Researches attempted or successful efforts to compromise systems security and designs countermeasures.
-Maintains hardware, software, and network firewalls and encryption protocols.
-Administers security policies to control physical and virtual access to systems.
-Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration, or denial of access to information and systems.
Typical Education and Experience: Bachelor's degree (or equivalent experience) and 5 years of related experience, or Master's degree with 3 years of related experience.