Security Technical Lead
  • Gurus Infotech Inc.
2 Hours Ago
NA
C2C
Fort Mill-SC
13-15 Years
Required Skills: SIEM Concepts, Cyber Security operations, networking, web related protocols, Mobile device protection, firewalls, intrusion detection systems, AV systems, spam systems, event correlation devices, log file analyzers, Threat Intelligence, IT vulnerabilities, Compromise methodology, Indicators of Compromise, incident investigation, SOC, VM
Job Description
Years of Experience - 12+ Years MUST
 
Required Skills
  • Excellent analytical, problem-solving and decision-making capabilities
  • Excellent verbal, written and presentation communication skills
  • Experience in managing multiple projects, deadlines, and resources
  • Broad experience working in and/or supervising security operations
  • Experience working in a geographically diverse and fast-paced environment
  • Understanding of current information security challenges and solutions; industry trends
  • Experience leading cross functional teams, preferably as part of a global team
  • Extensive knowledge of security devices such as firewalls, intrusion detection systems, AV systems, spam systems, event correlation devices, log file analyzers etc.
  • Understanding of ever-evolving Security information such as Threat Intelligence, IT vulnerabilities, Compromise methodology, and Indicators of Compromise.
  • Ability to explain findings to non-technical professionals and management and be able to work under pressure in time of critical or emergency situations with attention to detail and accuracy
  • Problem Solver - Set examples to team e.g. how to create an exec report, how to create a runbook that can withstand customer scrutiny,
  • Technical - Needs to be an expert and hands on technical on at least one or two cyber areas such as incident investigation, SOC and VM
  • Good Analytics skills
  • Understand offshore model - Good communicator to work with offshore
  • Solutioning - Knowing when the customer requires a technology transformation and getting ahead of the ask, connecting the dots with our internal experts and solutioning team to shape the solution
 
Detailed job responsibilities
  • Collaborate with other information security and IT professionals to develop and implement innovative strategies for monitoring and preventing attacks.
  • Lead team to conduct proactive monitoring, logging and alerting to analyze, correlate, and respond to cyber-attacks, threat intelligence and ability to define Risk and Compliance Dashboards.
  • Conduct research on emerging information security threats.
  • Develop programs and scripts for various security initiatives.
  • Create technical documentation around the content deployed to the SIEM.
  • Collaborate with SIEM engineers to develop specific content necessary to implement security use cases and transform into correlation queries, reports, rules, alerts from Checkpoint Firewalls, Security IDS, Symantec Enterprise Protection, etc.
  • Execute content management and change management procedures.
  • Identify emerging threat actors and track existing actors as their tactics, techniques and procedures (TTP) evolve.
  • Participate in after-hours on-call for Critical incident management.
  • Participate in technology remediation efforts through cross functional teams & across business units.
  • Collaborate with team to have configuration, testing, integration tasks related to SIEM platform. Perform and guide forensic analysis in response to security incidents. Plan for live incident response (reactive and proactive incident management) by identifying and remediating malicious applications and compromised infrastructure components.
  • Understand Network, Wireless, Mobile Device, and Wan/Lan infrastructure device architecture and associated Security integration for proactive Threat Management.
  • Perform threat and vulnerability assessments and provide subject matter expertise on appropriate threat mitigation.
  • Supports and mentor’s other members of the team. Help to troubleshoot issues with log sources or systems with vendor, and report system defects as needed.
 
Nice to have skills
  • Master-Level understanding and hands-on experience in SIEM concepts such as correlation, normalization, aggregation and parsing.
  • Master-Level understanding of Cyber Security Operations, Incident Response processes
  • Master-Level understanding of enterprise logging standards, with a focus on application logging
  • Master-Level understanding of regular expressions and development of custom Parsers in SIEM
  • Master-Level in Intrusion Detection Systems and Analysis tools.
  • Experience in performing vulnerability assessments and penetration tests. Ability to administer the operations of a security infrastructure.
  • Extensive experience in creating reports, rules, alerts and dashboards in SIEM.
  • Knowledge of networking, web related protocols, SIEM best practices, processes and workflows.
  • Experience in Mobile Device protection
  • Experience in integration of email security on widely accepted email platforms
Apply for job
Easy Apply
Similar Jobs
Cloud Security Architect
Cybersecurity Analyst
Devops Cloud Security Engineer
 Network Security Engineer

Jobseeker

Looking For Job?
Search Jobs

Recruiter

Are You Recruiting?
Search Candidates