- Monitoring and management of firewall and intrusion detection/prevention systems: Check Point Smart Console, IBM Security Site Protector.
- Experience with Fidelis technology.
- Experience with enterprise intrusion detection/prevention and network/host-based malware analysis engines such as Check Point Threat Prevention, FireEye, Mandiant, Bluecoat, IBM ISS, RSA, McAfee, Cisco/SourceFire, HP Tipping Point, etc.
- Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation, with an understanding of intrusion set tactics, techniques and procedures (TTPs).
- Experience with and knowledge of internet/intranet networking protocols and services, TCP/IP, routing protocols, the OSI model, defense-in-depth and common security elements.
- Knowledge of analyzing packet captures using tcpdump, Wireshark, fw monitor, etc.
- Drive process creation and improvement, and develop internal tactics, techniques and procedures (TTPs) for analysis, establishing reporting criteria, structure and operational reports.
- Identify security incidents through log investigation, correlation and analysis with SIEM solutions such as ArcSight, Splunk, QRadar, AlienVault, McAfee SIEM, etc.
- Report on and investigate anomalies outside the expected norm.
- Review escalated/re-assigned incident tickets and coordinate with the resolver group on implementing the solution.
- Business-impacting incident reporting, analysis and resolution.
- Reporting skills and operations skills in the above technologies in complex environments.
- Linux command line experience.

Other qualifications:

- Good communication skills.
- Strong analytical and problem-solving skills to troubleshoot and resolve network/operating system security issues.
- Ability to perform and interpret vulnerability assessments.
- Ability to administer the operations of a security infrastructure.
- Ability to balance and prioritize work.
- Experience in cyber intelligence analysis.
- Proven track record of successfully managing and executing short-term and long-term projects.
- Ability to set and manage expectations with key stakeholders and team members.
- Ability to communicate and establish rapport with a global team.

Preferred experience:

- Leads and/or directs the efforts of specialists on project(s) across components and/or technical areas.
- Provides guidance and direction across components and acts in a consulting and/or advisory capacity.

Preferred certifications: CCNA/CCSA/CCSE/Cisco IPS; CISSP, GCIH, GCIA or equivalent; CEH or equivalent.

- B.E / B.Tech