Threat Intelligence and Vulnerability Management
Web Penetration Testing - SAC
Key skills required for the job are:
Monitoring of events and flows from the SIEM (IBM QRadar) to identify common risks, vulnerabilities and attack vectors, and to develop and implement efforts to close any gaps.
Monitor multiple security technologies, such as SIEM, IDS/IPS, syslog, file integrity, vulnerability scanners.
Good understanding of incident response and SOC framework and process.
Design & implement operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
Able to correlate and analyze events using the SIEM tool to detect IT security incidents.
Should have the knowledge to develop and fine-tune use cases in conjunction with Cybersecurity Operations to measure incident alerts.
Should have advanced knowledge of log analysis within enterprise environments consisting of Windows systems, networking devices and Linux/UNIX.
Requires knowledge of firewalls, routers, switches, various commonly used operating systems (Windows, Linux, UNIX), common attack tools, and vulnerability detection/management tools.
Strong background in SOC operations and sufficient knowledge on vulnerability assessment and penetration testing.
Experience with IBM QRadar is preferred.
- Moderate to Advanced event analysis leveraging SIEM tools
- Moderate incident investigation and response skill set
- Moderate log parsing and analysis skill set
- Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc)
- Moderate knowledge of malware operation and indicators
- Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc)
- Moderate knowledge of IDS/IPS systems
- Moderate knowledge of Windows and Unix or Linux
- Moderate knowledge of Firewall and Proxy technology
- Basic to Moderate knowledge of penetration techniques
- Basic to Moderate knowledge of DDoS mitigation techniques
- Basic knowledge of Data Loss Prevention monitoring
- Basic experience with scripting
- Basic knowledge of forensic techniques
- Basic to Moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
- Basic knowledge of audit requirements (PCI, HIPAA, SOX, etc.)
Minimum work experience: 5 - 8 Years
Roles & Responsibilities:
Minimum Experience Required:
Mandatory Skills: Threat Intelligence and Vulnerability Management System Administration
Desirable Skills: Web Penetration Testing - SAC
Language Skills: English Language