Analyze components of the Information Security Program to identify weaknesses and develop opportunities for improvement
Ensuring various security log sources (IPS, Firewall, WAF, AV, EDR, etc.) are intact and reviewing access rules
Integrating critical assets/applications into the SIEM tool
Anticipate security alerts, incidents and disasters and reduce their likelihood
Knowledge in electronic investigation and forensic processes and methodologies including experience with reviewing raw log files for analysis and data correlation
Knowledge in cloud security controls (AWS, Azure, Google)
Preparing security incident correlation policies
Reviewing security alerts and taking appropriate action as per defined policies
Conduct incident triage and investigation
Coordinate with respective stakeholders to run vulnerability scans and review vulnerability assessment reports
Familiarity with security frameworks (e.g. NIST Cybersecurity Framework) and risk management methodologies
Reviewing that access rules enabled in various network and security products are as per POA
Testing SIEM use cases and identifying security gaps
Experience in implementing security solutions that resolve security and business risk trade-offs
Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
Job Type: Full-time
Schedule:
Ability to commute/relocate:
Kolkata, West Bengal: Reliably commute or planning to relocate before starting work (Required)