SOC Lead Architect - Onsite (IBM - QRADAR)

in Chicago, IL, USA
Permanent position, full-time
Be the first applicant

• Supervise and manage Level 1/L2/L3 SOC security analysts.
• Identify training opportunities for the team to mature into a highly proactive and efficient security response team.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, syslog, file integrity monitoring, and vulnerability scanners.
• Correlate and analyze events using the SIEM tool to detect IT security incidents.
• Manage SLAs for security tickets.
• Be the point of contact (POC) for the customer for any enhancement requirements in the SOC.
• Be the POC for presenting weekly/monthly/quarterly security trends and enhancements to the customer (security officer/CSO/CISO).
• Enable integration with, and adherence to, multiple vetted sources of emerging security threats, risks and vulnerabilities, assessing them appropriately.
• Establish a robust KEDB/SOPs for security events/incidents and enable the L1/L2 teams to maintain, update and follow them.
• Run mock triages of technical approaches and processes in the SOC with the SOC team on a regular basis.
• Design and implement operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
• Provide 24x7 operational support for escalations.

• Minimum 12 years of experience in cyber security management using SIEM tools such as IBM QRadar/QROC
• Moderate to advanced event analysis leveraging SIEM tools
• Moderate incident investigation and response skill set
• Moderate log parsing and analysis skill set
• Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
• Moderate knowledge of malware operation and indicators
• Moderate knowledge of the current threat landscape (threat actors, APT, cyber-crime, etc.)
• Moderate knowledge of IDS/IPS systems
• Moderate knowledge of Windows and Unix or Linux
• Moderate knowledge of firewall and proxy technology
• Basic to moderate knowledge of penetration techniques
• Basic to moderate knowledge of DDoS mitigation techniques
• Basic knowledge of Data Loss Prevention monitoring
• Basic experience with scripting
• Basic knowledge of forensic techniques
• Basic to moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
• Basic knowledge of audit requirements (PCI, HIPAA, SOX, etc.)
• Experienced in mentoring and training junior analysts

Security certifications preferred (including but not limited to the following):
• Certified Incident Handler (GCIH)
• Certified Intrusion Analyst (GIAC)
• Certified Ethical Hacker (CEH)
• Certified Expert Penetration Tester (CEPT)

SIEM experience required.
