Associate Lead Engineer - Security Operations Center

Computers/Software $job.jobTypeName Trivandrum, Kerala ReqID:6001


Description

Primary Responsibilities

  • Responsible for Security Monitoring and Incident Response – Support the investigation and contribution to large- and small-scale computer security breaches, Monitor the alert and incident management operations for quality, Assist the team with alert and incident management as and when required.
  • Responsible for developing and managing SOAR solutions to automate incident response, integrate security tools, create playbooks, and enhance overall security operations efficiency and effectiveness
  • Responsible for Cyber Threat Hunting – Cyber threat hunting execution for the entire Envestnet group, Tactical threat intel Coordination, Describe and identify suspicious binary traits, Identify potential malicious activity from memory dumps, logs, and packet captures, Monthly threat hunting statistics preparation. 
  • Assistance in Digital Forensics – Assist the operational management with increasing the digital forensics coverage. Additionally, assist the team with case-specific digital forensics efforts.
  • Purple teaming – Assisting the team with designing and executing purple teaming exercises.
  • Responsible for Compiling of Security Metrics - Compile security metrics and efficiency metrics for management review. Work towards automation of the management reports.
  • Responsible for Audit Response – Respond and coordinate external and internal audits.
  • Assist operations management in providing requirements for new and existing security systems, tools, and applications
  • Assist in writing best practice procedures for the following services: Incident analysis, Incident response coordination, Cloud Security, Cyber Threat Hunting, Digital Forensics, Security audits or assessments, certificate authority, log research & diagnostics and host vulnerability scanning.

Work Experience

  • 5 - 8 years working in Security operations environments handling incident response, threat intelligence & threat hunting operations
  • Process-oriented and capable of handling incidents independently.
  • Experience in analyzing alerts, vulnerabilities, and other security issues, taking actions based on set procedures.
  • Proven ability to analyze multiple events and draw conclusions
  • Hands-on exposure to digital forensics.

Skills

  • Excellent communication skills, both verbal and written
  • Good experience and knowledge of Operating Systems, Networks and Security technologies
  • Knowledge of EDR, SIEM, IDS, Cloud, and other security analysis tools.
  • Experience working in a heterogeneous environment
  • Should be able to co-relate multiple events and arrive at a decision.
  • Should be process-oriented.
  • Should be a team player and has good interpersonal skills.
  • Working on Linux is a plus.
  • Scripting knowledge is a plus.
  • Experience in handling security projects is a plus

Education/Degree(s)

BS degree/Engineering in IT or related field / Masters in Computer Applications 

Certification/Training
Digital Forensics and/or Threat hunting certifications are preferred.
AWS Security Certification is a plus.