Description

Job description:

• The primary responsibility is to work on existing or new incidents, service requests and tasks
• Act as the escalation point for L1 and triage unresolved incidents or requests


Business Relationships:

• Constantly communicates with associates and customers

Key Responsibilities

Process
• Day to day Operational issues, requests and Project tasks
• Incident response and resolution within SLAs, with excellent analytical and troubleshooting skills
• Providing all the necessary details to leads about the issue, steps taken, recommendation and any other relevant information
• Ticket Status Check and Update
• Respond to False Positive Alerts
• Incident Escalation and Progress Monitoring
• Create, review, update, and maintain Standard Operating Procedures.
• Perform shift handovers

Skills

Must-have Skills: Prior working experience

Vulnerability Management
• Install, configure, maintain and troubleshoot Vulnerability Management applications like Qualys and Rapid7
• Perform Vulnerability Assessments over the client infrastructure
• Validate and exclude vulnerabilities based on the customer requirements
• Create Vulnerability Management dashboards and prepare trending reports

SIEM/IDR/MDR
• Configure, maintain and troubleshoot SIEM/IDR/MDR environment (Splunk, AWN, Rapid 7 Insight IDR)
• Perform security event detection and threat analysis
• Provide log/network/malware/device analysis for remediation of security vulnerability conditions
• Validate log sources and indexed data, search through the indexed data to optimize the search criteria
• Eliminate the false positives
• Create reports and dashboards
• Perform upgrades to the environment based on the documentation provided

Good to have skills: Prior working experience

Monitoring Tools:
• Solarwinds
  o Install, configure, maintain and troubleshoot Solarwinds Orion components including NTA and SAM
  o Configure and troubleshoot SNMP and WMI based monitors
  o Configure and troubleshoot adding / modifying / deleting devices
  o Configure and troubleshoot URL monitoring
  o Configure and troubleshoot ESXi, Linux, and MS Cluster resources monitoring
  o Perform addition or removal of devices from Maintenance
  o Configure and troubleshoot adding / modifying / deleting thresholds for the devices
  o Schedule or generate manual/custom reports
  o Prepare technical documentation
• LogicMonitor
  o Configure and troubleshoot SNMP, WMI and SSH based monitors
  o Configure and troubleshoot adding / modifying / deleting devices
  o Configure and troubleshoot ESXi, Linux, and MS Cluster resources monitoring
  o Configure and troubleshoot URL monitoring
  o Configure Global Settings such as importing/modifying LogicModules (DataSource/ConfigSource/etc.)
  o Perform addition or removal of devices from Maintenance
  o Configure and troubleshoot adding / modifying / deleting thresholds for the devices
  o Schedule or generate manual/custom reports
  o Eliminate false positives
  o Prepare technical documentation
• Experience with other monitoring tools such as SCOM, Zabbix, Datadog, etc., is desirable
• Experience with other Vulnerability Management tools such as Tenable, AlienVault, Nessus is desirable
• Experience with other SIEM tools such as Solarwinds SEM, ArcSight, QRadar, etc., is desirable
• Candidates working with a Managed Services/IT Services company are preferred, and a background in dealing with global teams and remote teams will be a strong plus
• Relevant certification: ITIL is a strong plus

Education

Any Graduate