Monday, September 30, 2019

QA Automation Engineer

Role: Lead – Incident Response & Threat Hunting
 
Location: Wilmington, DE
Position: Full Time
Job Description:
Security Operations Center (SOC)
SIEM – IBM QRadar
SOAR Platform – Service Now, Demisto
Security Incident Management
Secure Eye – Intsights – Threat Intelligence
Lead 24x7 SOC teams providing operational and strategic planning, including fostering innovation, planning projects, and organizing and negotiating the allocation of resources.
Ensure timely reporting of metrics, security control gaps, and vulnerabilities to leadership by providing quantitative insight into security posture
Hands on Experience in providing Level 3 incident Response & Threat Hunting
 Manual Log analysis of various security devices - Server, FW, IPS/IDS etc.
Threat modeling & hunting using security tools.
SIEM Tool (IBM QRadar)- Administration & Support
Use Case Development/Enhancement
Content Development, Co-relation Rule creation / modification / review
Oversee program to prepare organization for active threat and vulnerability defense and remediation, and security incident management
Lead the development of Cyber crisis management playbooks, run books and plans to ensure effective response during a significant event.
Lead will evolve the incident response program that aligns with the enterprise incident management framework and includes incident detection, analysis, containment, eradication, recovery and forensic artifacts required for additional investigations.
Hands-on experience finding and responding to advance persistent cyber-attacks (APT) in a global network setting
Change agent with ability to drive accountability & outcomes across a diverse threat landscape
Strong Technical escalation management experience.
Ensure delivery compliance to SOW &  service level adherence
Interface with customer  & delivery team
Regular customer connect &  escalation management
Technical delivery parameter compliance tracking & reporting
Implementation Standardize service delivery  framework across multiple accounts
Essential Technology Skills
Security Operations Center (SOC)
SIEM – IBM QRadar
SOAR Platform – Service Now, Demisto
Security Incident Management
Secure Eye – Intsights – Threat Intelligence

Must Have
8-10 years in IT related roles and 5-8 years of experience in at least two security operations disciplines within an enterprise scale environment (such as tier 3/4 incident management, cyber threat analyst, cyber intelligence analyst, cyber investigation, Threat Hunting)
Experience with SOC incident response and management including 24x7x365 continuous monitoring, detection and analysis of potential intrusions in real-time
Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
Experience with attacks and mitigation methods, with experience working in two or more of the following: Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, iOS, Android); Web application and browser security; Security assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; Security monitoring and intrusion detection, Incident response and forensics; Development of security tools, automation or frameworks.

Regards ....
Ganesh Yadav
408-898-2687