19th Jan 2017
We are looking for individuals with a strong background in networking and experience in corporate network and application security. The individual should be familiar with the processes within the Network Operations Center (NOC) to help integrate the Security Operations Center (SOC) with the NOC. The team will need to establish and document the processes for the SOC. The SOC will need to operate 24 hours a day, and the individuals on the team will need to be flexible in their work schedule, as there will be 2nd and 3rd shift work hours.
Skills Required:
• BE/ME/MCA with 8+ years of experience in similar role
• In-depth knowledge of Windows and Linux servers
• Understands common network services
• Possess analytical and problem-solving skills
• Understands corporate network, application and data security, vulnerabilities and attack patterns
• Be able to read and work with the IT Security Alerting Tool
• Ability to use network packet capture tools and read network packets
• Be able to use the IT Security Tools for network forensics work
• Be able to work with the vendors on the different IT Security Tools in place
• Be able to update rules and profiles within the IT Security Tools
• Be able to work with end users to fix security issues with endpoints, applications and servers
• Track security issues and follow up until completed
• Possess good verbal and written communication skills
Tool set that will be used:
• SIEM AT&T Security on Demand – Alerts, Tuning & Updating Rule set
• StealthWatch – Alerts, Tuning & Updating Rule set
• Fortigate Analyzer – Alerts, Tuning & Updating Content Filter Rule set for Web surfing/Reports
• Windows Event Logs – Baseline for Windows clients
• Server Logs with Syslogs from servers
• ISE – Alerts & working with quarantined laptops
• Symantec – Alerts & Reports (TCS & workstation Support Team)
• Infoblox for IP and DNS