Atlanta, GA, USA
2 days ago
IT - Consultant | Infrastructure Security | Security Incident and Event Management (SIEM)
Job Seekers, Please send resumes to resumes@hireitpeople.com

Responsibilities:

- Handle escalations and work as an L3 analyst for the remediation of security incidents.
- Participate in incident response and the investigation of suspected IT security misuse, and provide recommendations to clients on global threats (such as WannaCry, Petya, NotPetya, Bad Rabbit and zero-day vulnerabilities).
- Write complex use cases configured for sophisticated attacks such as DNS reconnaissance, phishing, spear phishing, APT activity, lateral movement, browser compromise and DNS amplification; perform event analysis, attack identification, investigation and correlation, and implement mitigation measures.
- Identify adversarial activity and methods to support future detection and prevention.
- Use a combination of open-source research on exploits and vulnerabilities (including zero-days), network flow, log review, event correlation and PCAP analysis to complete investigations.
- Perform deep investigation of potential attacks and potentially compromised systems, including forensic analysis of network traffic and Windows hosts.
- Lead or participate in the incident response process.
- Provide recommendations and implement changes to optimize Splunk detection capabilities.
- Generate required SOC reports and metrics.

Requirements / Qualifications:

- 6+ years of work experience, with a minimum of 4 years of experience in a SOC.
- Hands-on experience with incident analysis and a deep understanding of Windows internals.
- Ability to develop remediation plans based on organizational needs and priorities.
- Excellent understanding of the Splunk SIEM console.
- Good understanding of networking and network security technologies (IDS, firewalls).
- Ability to maintain working relationships with diverse stakeholders.
- Excellent written and oral communication skills.
- Experience developing content/use cases for Splunk monitoring; should hold a relevant Splunk certification.
- Demonstrated troubleshooting skill: ability to provide resolutions and/or workarounds to complex problems, and to provide guidance and support to Tier 1/Tier 2 security analysts.
- Security certifications such as CEH or CISSP are preferred.

Minimum years of experience*: 6+

Certifications Needed: No

Interview Process (Is face to face required?) No

Does this position require Visa independent candidates only? No