Senior Security Analyst - Chennai,Hyderabad
- Larsen & Toubro
- 3 - 7 years
- Multi-City, India
- 2 months ago
- Email to a friend
- Report this job
- Hyderabad,Telangana, Chennai,Tamil Nadu
Job Description
Job description:
- Analyze escalated incidents by L1 to identify potential security violations, categorize and initiate response actions.
- Manage Incident response activities till closure of the incident.
- Triage and perform root cause analysis for security incidents.
- Recognizes anomalies in network data / logs that are pushed into the SIEM solution and initiate appropriate response actions.
- Serve as shift leader and point of escalation for level 1 analysts.
- Ensure all unresolvable cases are passed to the correct team for action as appropriate.
- Continuously evaluate defined response playbooks and make improvements for quicker detection and efficient response to security threats.
- Provide recommendations to SIEM Administrator / Use case engineer to define new / relevant use cases as well as update existing use cases, as applicable.
- Continuously monitor threat alert channels to proactively create new alert mechanism to ensure customer environment is monitored for evolving threats.
- Monitor and analyze traffic for potential security threats, including phishing and spam.
- Strong understanding of email protocols and infrastructure like DKIM, SPF, and DMARC
- Manage inbound and outbound security rules for email (filtering, whitelists, spam, etc.)
- Identifying the root cause for the security incidents and fixing the email flaws / fine tune ETR rule.
- Understanding of DLP policies and policy fine-tuning parameters.
- Good understanding of international regulatory requirement like GDPR, SOX, HIPPA, PII, PCI, etc.
- Assist the manager of data protection in streamlining data at rest remediation.
- Work with vendors to support the DLP technology (troubleshooting, upgrades, etc.)
- Conduct regular compliance check on endpoint DLP agents and do preliminary troubleshooting.
Work with vendor to support the respective technologies (troubleshooting, upgrading, etc..)
We are looking for someone with completion of one of the listed degrees B.E./B. Tech/MCA/BSC-IT/Computers/BCA with 4 to 8 years of experience matching the following skill set:
- Practical working experience in SOC monitoring for at least one year in a large Enterprise or in a MSSP environment
- Exposure to multiple clients is an added advantage.
- Strong in explaining the architecture of various security products like Firewall, IPS, DLP, Email security, SIEM, etc.,
- Expertise in tools like Symantec DLP, McAfee DLP, Forcepoint DLP & Email security, O365 Defender, MS EOP, Memicast, Proofpoint, Checkpoint is an added advantage.
- Experience working on Microsoft Sentinel and IBM Qradar SIEM Solution.
- Understanding of cyber security frameworks, such as MITRE attack, NIST CSF, CIS CSC etc.
- Exposure as a shift lead assisting L1 analysts.
- Proven experience in Windows Security
- Good with scripting languages to automate tasks as well as to create connectors / parsers for log sources
- In-depth knowledge on Windows Security
You should at the minimum possess CCNA / CEH / CompTIA Sec+ / Security product-based certification / CISSP.
Job Classification
Industry: Emerging Technologies (Cybersecurity)Functional Area: Emerging Technologies (Cybersecurity)
Role Category: IT Security
Role: Security Engineer / Analyst
Employement Type: Full time
Contact Details:
Company: Larsen & ToubroLocation(s): Multi-City, India
Similar positions
Larsen & Toubro
Larsen & Toubro Infotech Limited LTI (NSE: LTI) is a global technology consulting and digital solutions company helping more than 250 clients succeed in a converging world. With operations in 27 countries, we go the extra mile for our clients and accelerate their digital transformation with ...
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in
