Role: - SOC + VM (vulnerability mgmt.) – L3
Location: - Phoenix, AZ – Day 1 Onsite
·Minimum 8+ years of experience.
· Provide technical leadership for the delivery team, responsible for L3 incident resolution.
·Hands-on experience in 2 or more of the Vuln Assessment tools and Vuln. Lifecycle management
·Well conversant in Qualys, Tenable, rapid7 & MS Defender covering both VM & Policy compliance scanning.
·Exposure to Mitre framework and equivalent, Hands-on experience in EDR platforms and threat analysis, threat hunting/incident response experience
· Coordinate SOC efforts across multiple business units during response.
· Contribute towards Technology Transformation and drive automation initiative
·Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms.
·Perform hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events and data to detect and response to threats
· Conduct proof-of-concept reviews for new security products.
· Prepare reports, summaries, and other forms of communication that may be both internal and client facing.
· Maintaining familiarity with industry trends and security best practices.
· Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives.
· Work/guide on scripting like Python, Perl, Bash and/or Shell scripting
· Evaluating Email Security solutions for policies like Sender Policy Framework (SPF) and Domain Keys Identification Mail (DKIM), recommend finetuning.
· Effectively communicate/present security concepts with both technical and non-technical individuals
· Author postmortem reports to be provided to senior leadership following an intrusion or red team engagement.
·Hands-on experience in 2 or more of the SIEM Analysis and use case management areas
· Advocate protection and mitigation strategies to be implemented from lessons learnt exercises
·Strong knowledge and work experience in handling vulnerability assessment on cloud-based architecture using Prisma cloud, Wiz.io etc.
· Other tools knowledge pertaining to CSPM AND ASM will be preferred in addition.
·Experience in defining, implementing, and consulting for vulnerability management framework based on enterprise security.
· Overall knowledge in VM process and remediation Governance. Ability in working with the Business to effectively communicate the risks of identified vulnerabilities and recommend approach for addressing vulnerabilities.
· Collaborating with stakeholders for remediation and providing updates to customers on a weekly and monthly basis. Working knowledge in SNOW, threat monitoring tool and Risk based vulnerability assessment integration Platform.
· Development, revision, and maintenance of Standard Operating Procedures and other Operational Documents
Soft skills
· Shall have good verbal/written communication skills
· Should be willing to work in 24x7 environments
· Incumbent should carry continual system improvement mindset and able to demonstrate in work.
· Should have client facing technical analysis report representation skills
Thanks & Regards
Sameer Ahmad
Raas Infotek Corporation.
262 Chapman Road, Suite 105A,
Newark, DE -19702
Phone: (302) 565-0068 Ext: 143
E-Mail: sameer.ahmad@raasinfotek.com|Website: www.raasinfotek.com
Linkedin: linkedin.com/in/sameer-ahmad-031a0b185