Position: SOC + VM (vulnerability Management)
Location: Phoenix, AZ ***Day 1 Onsite***
Minimum 8+ years of experience.
Provide technical leadership for the delivery team, responsible for L3 incident resolution.
· Hands-on experience in 2 or more of the Vuln Assessment tools and Vuln. Lifecycle management
· Well conversant in Qualys, Tenable, rapid7 & MS Defender covering both VM & Policy compliance scanning.
Exposure to Mitre framework and equivalent, Hands-on experience in EDR platforms and threat analysis, threat hunting/incident response experience
Coordinate SOC efforts across multiple business units during response.
Contribute towards Technology Transformation and drive automation initiative
Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms.
Perform hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events and data to detect and response to threats
Conduct proof-of-concept reviews for new security products.
Prepare reports, summaries, and other forms of communication that may be both internal and client facing.
Maintaining familiarity with industry trends and security best practices.
Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives.
Work/guide on scripting like Python, Perl, Bash and/or Shell scripting
Evaluating Email Security solutions for policies like Sender Policy Framework (SPF) and Domain Keys Identification Mail (DKIM), recommend finetuning.
Effectively communicate/present security concepts with both technical and non-technical individuals
Author postmortem reports to be provided to senior leadership following an intrusion or red team engagement.
Hands-on experience in 2 or more of the SIEM Analysis and use case management areas
Advocate protection and mitigation strategies to be implemented from lessons learnt exercises
Strong knowledge and work experience in handling vulnerability assessment on cloud-based architecture using Prisma cloud, Wiz.io etc.
Other tools knowledge pertaining to CSPM AND ASM will be preferred in addition.
Experience in defining, implementing, and consulting for vulnerability management framework based on enterprise security.
Development, revision, and maintenance of Standard Operating Procedures and other Operational Documents
Soft skills
Shall have good verbal/written communication skills
Should be willing to work in 24x7 environments
Incumbent should carry continual system improvement mindset and able to demonstrate in work.
Should have client facing technical analysis report representation skills
Any Graduate