Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

IBM Security – SIEM Threat Responder 
India, Maharashtra, Navi Mumbai 
745329480

10.07.2024

Your Role and Responsibilities
As SIEM Analyst, you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. These Senior Specialists are QRadar SMEs that are responsible for event analysis & threat responses. They would also be performing investigation of events escalated from monitoring (Level-1 & 2) team, along with hygiene & availability of enterprise SOC platform.


Responsibilities:

  • Cyber Security Threat Hunter should have knowledge regarding advanced persistent threats (APT), cybercriminal groups, and hacktivist operations.
  • Candidate should have knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITER ATT&CK Matrix.
  • The ability to track APT groups motives, analyse current security controls data logs and brief reporting for new ongoing cyber threat operations.
  • Candidate must also understand security vulnerabilities and malicious actor tactics, techniques, and procedures (TTPs) to assess known and emerging cyber threats and better evaluate the effectiveness of layered defenses and toprovide strategic recommendations on new technical and non-technical protections.
  • Successful shortlisted candidate will be working with our Threat Intelligence team to develop IOCs for specific cyber threat actors or groups and to understand their tactics, techniques and procedures.


Required Technical and Professional Expertise

  • Overall, 4 years of experience with 3+ of relevant experience.
  • B.E./ B.Tech/ MCA/ M.Sc. in Computer Science or IT
  • Proven expertise in handling incident, threat response, incident co-ordination, threat mitigation, recovery support
  • Security Consulting and policy tuning with Situational & environment awareness of business & Incident response.
  • Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists.
  • Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach.
  • Work in a 24×7 Security Operation Centre (SOC) environment


Preferred Technical and Professional Expertise

  • Preferred SIEM OEM Certified SIEM Specialist + CEH
  • Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
  • Intuitive individual with an ability to manage change and proven time management
  • Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
  • Up-to-date technical knowledge by attending educational workshops, reviewing publications