| Sr SOC Engineer and Incident response - Splunk and AWS Must || San Jose, CA(Completely Onsite) || 12 Months Contract at Remote, Remote, USA |
| Email: [email protected] |
|
From: Saumya Singh, Tanisha Systems [email protected] Reply to: [email protected] Sr SOC Engineer and Incident response - Splunk and AWS Must San Jose, CA(Completely Onsite) 12 Months Contract Include someone to work in 24/7 Environment and to support over weekend. F or SR SOC look for DDoS, ISE, multi cloud defense, anti-virus applications, content filtering, firewalls (FP 4K series ) , authentication systems and intrusion detection threat detection and its related notification systems. SR SOC and IR You'll respond to security incidents and analyze and correlate log data with the assistance of teammates as a critical lead role within the Security Incident Response Team (SIRT). You'll report findings to leadership and other internal Client teams while collaborating with engineers to enhance, improve, and modify enterprise and cloud (IaaS, SaaS) configurations based on investigations. Additionally, you'll provide recommendations and apply lessons learned from incidents for tools, process, capabilities, and other new technologies to support business objectives. Responsibilities Analyzing network traffic to identify malicious activity or compromised systems, prevent successful attacks. Ability to collaborate within the team as well as security engineering and detection engineering teams to improve and build new tailored security detections. Properly analyze alerts and being able to decipher between and investigation and an incident. Keep up to date on modern attack techniques to continually integrate knowledge into new detections. Contribute to playbooks and use cases to protect our cloud. Building relationships with the other technical teams across our engineering and infrastructure functions Perform root cause analysis on incidents. Maintains situational awareness for cyber threats across the global firm and act where necessary. Work through incident response engagements through containing security incidents, and remediation. Works mostly independently, translating guidance and direction from management into the best approach to accomplish work. Solves moderately complex problems. Investigate data breaches and malicious activity leveraging forensics tools; analyze Windows, and Linux, in cloud environments to identify Indicators of Compromise (IOCs); examine firewall, web, database, and other log sources to identify evidence of malicious activity. Track emerging security practices and contribute to building internal processes, and our various products. Be able to respond to incidents with minimal guidance. Have a detailed understanding of Splunk and AWS Good to advanced understanding of Splunk, alert creations and creating signatures. Experience using Splunk, developing, maintaining, and tuning alerts. Experience with cloud environments or technologies. Proven knowledge and understanding of security incident types, indicators of compromise (IOCs), Indicators of Attack (IOA), and tools, tactics, and procedures (TTPs) Experience responding to incidents and alerts. Best Regards, Saumya Singh | Sr. Technical Recruiter Tanisha Systems Inc. : [email protected] Tel: 212-729-6543 Ext 361 | Direct : (410) 406-1581 Address: 99 Wood Ave South, Suite # 308, Iselin, NJ 08830 Keywords: California New Jersey Sr SOC Engineer and Incident response - Splunk and AWS Must || San Jose, CA(Completely Onsite) || 12 Months Contract [email protected] |
| [email protected] View All |
| 03:23 AM 02-Apr-24 |