Location: - Phoenix, AZ - Day 1 Onsite • Minimum 8+ years of experience. • Provide technical leadership for the delivery team, responsible for L3 incident resolution. • Hands-on experience in 2 or more of the Vuln Assessment tools and Vuln. Lifecycle management
• Well conversant in Qualys, Tenable, rapid7 & MS Defender covering both VM & Policy compliance scanning.
• Exposure to Mitre framework and equivalent, Hands-on experience in EDR platforms and threat analysis, threat hunting/incident response experience • Coordinate SOC efforts across multiple business units during response. • Contribute towards Technology Transformation and drive automation initiative • Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms.
• Perform hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events and data to detect and response to threats • Conduct proof-of-concept reviews for new security products. • Prepare reports, summaries, and other forms of communication that may be both internal and client facing. • Maintaining familiarity with industry trends and security best practices. • Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives. • Work/guide on scripting like Python, Perl, Bash and/or Shell scripting • Evaluating Email Security solutions for policies like Sender Policy Framework (SPF) and Domain Keys Identification Mail (DKIM), recommend finetuning. • Effectively communicate/present security concepts with both technical and non-technical individuals • Author postmortem reports to be provided to senior leadership following an intrusion or red team engagement. • Hands-on experience in 2 or more of the SIEM Analysis and use case management areas • Advocate protection and mitigation strategies to be implemented from lessons learnt exercises • Strong knowledge and work experience in handling vulnerability assessment on cloud-based architecture using Prisma cloud, Wiz.io etc. • Other tools knowledge pertaining to CSPM AND ASM will be preferred in addition. • Experience in defining, implementing, and consulting for vulnerability management framework based on enterprise security. • Overall knowledge in VM process and remediation Governance. Ability in working with the Business to effectively communicate the risks of identified vulnerabilities and recommend approach for addressing vulnerabilities. • Collaborating with stakeholders for remediation and providing updates to customers on a weekly and monthly basis. Working knowledge in SNOW, threat monitoring tool and Risk based vulnerability assessment integration Platform. • Development, revision, and maintenance of Standard Operating Procedures and other Operational Documents
Soft skills • Shall have good verbal/written communication skills • Should be willing to work in 24x7 environments • Incumbent should carry continual system improvement mindset and able to demonstrate in work. • Should have client facing technical analysis report representation skills