- Investigate intrusion attempts and perform an in-depth analysis of exploits.
- Provide network intrusion detection expertise to support timely and effective decisions on when to declare an incident
- Launch and track investigations to resolution
- Recognize attacks based on their signatures, differentiate false positives from true intrusion attempts
- Alert clients of intrusions and potential intrusions and compromises to their network infrastructure
- Remotely monitor and manage client network security devices.
- Actively investigate the latest security vulnerabilities, advisories, incidents, and penetration techniques and notify clients when appropriate.
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
- Continuously improve their knowledge of information security as it relates to the job, including identifying and preventing phishing attempts.
- Act as a shift lead and review tickets before they are escalated to clients.
- 3-5 years’ experience in the IT security industry, preferably working in a SOC environment.
- Bachelor’s in computer science/IT/Electronics Engineering, M.C.A. or equivalent University degree
- Certifications: CCNA, CEH, CHFI, GCIH, ITIL
- Knowledge and hands-on experience of implementation and management of IDS/IPS, Firewall, VPN, and other security products
- Experience with Security Information and Event Management (SIEM) tools, including creating advanced correlation rules, SIEM administration, system hardening, and vulnerability assessment.
- Expertise in TCP/IP network traffic and event log analysis.
- Knowledge and hands-on experience with SIEM tools
- Knowledge of ITIL disciplines such as Incident, Problem and Change Management
- Configuration and troubleshooting experience on Cisco ASA and Palo Alto firewalls would be an added advantage.
- Strong verbal and written English communication.
- Strong interpersonal and presentation skills
- Ability to work with minimal levels of supervision.
- Willingness to work in a job that involves 24/7 operations.
- Shift management and scheduling.
- Remain vigilant while continuing to maintain and enhance the overall security of Eze Castle Integration and the clients receiving our services.
- Maintain awareness of the potential risks based on the environment they are operating in and the clients they are working with
- Ability to work in an independent environment with minimal supervision.
- Ability to work under a moderate noise level (i.e. working on an open floor with printers, telephones, and computers).
- Ability to propose new use cases and tune the noisy alerts in SIEM and EDR.
- Overtime may be required to meet project deadlines (including late nights and weekends)
- Ability to travel for business and work beyond normal business hours when necessary.
- Ability to be flexible and successfully respond to multiple work pressures.
- Sitting for extended periods of time
- Dexterity of hands and fingers to operate a computer keyboard, mouse, power tools, and to handle other computer components