SOC analyst with 2+ years of experience in McAfee Nitro / McAfee SIEM / McAfee ESM.
Working hours will be 2:00 PM to 11:00 PM.
Security Engineering and Monitoring - SOC Level Tier 1 Services - project ramp-up to 24x7 monitoring
Core assignment: Monitoring and Analysis - the Detection and Analysis phase of the NIST incident response model
Experience with maintenance, support and troubleshooting of the McAfee ESM tool (backup and restore, configuration)
Tool: McAfee Enterprise Security Manager
This is an L2 support role; Level 2 support experience is required.
Basic understanding of the SANS/NIST incident response model
Familiarity with information security risk management frameworks (ISO 27001, NIST SP 800-37, NIST SP 800-53, etc.) and their applications.
Basic to Moderate knowledge of penetration techniques
Basic knowledge of Information Technology forensic techniques
Capable of producing technical documentation for data flows, system integrations, design documentation, and standard operating procedures
Experience in designing and implementing Security Information and Event Management (SIEM) for large organizations.
Experience with SIEM content creation, dashboard development, and reporting.
Experience architecting, implementing, tuning, and managing the McAfee Security Information and Event Management product suite, including Enterprise Security Manager (ESM), Enterprise Log Manager (ELM), log receiver, event correlation engine and others.
Responsible for operating, tuning, and reviewing maintenance of the McAfee SIEM cyber security tool.
Responsible for onboarding current enterprise security log source types into the SIEM and performing operational support tasks for McAfee systems: incidents, break-fix support, and standard service requests.
Assist in configuration of security devices adhering to policies and templates
Assist in Incident Handling procedures (This includes monitoring as well as post-incident follow up)
Assist in documentation of the environment (assets), including networks and devices (servers, workstations)
Assist in documentation of security systems: Firewalls, Web Proxies, IPS rules, Anti-Malware/DLP policies
Assist in development and maintenance of Security Policies and Procedures
Assist in Risk Analysis and Management concerning computer security