- Monitoring of security events from devices like Sourcefire IDS, Check Point, Websense, McAfee, Windows, etc., plus incident creation and resolution.
- Develop the specific content necessary to meet the organization's security operations goals, including the formation of content-specific queries, templates, reports, rules, alerts, dashboards, and workflows.
- Integrate data and event feeds with the Splunk Enterprise solution.
- Develop implementation and configuration guides for the operations support team.
- Analyze and resolve complex technical issues.
- Strong experience in Identity and Access Management and Privileged Identity Management.
- Exposure to implementation and support engagements.
- Installing, configuring, and troubleshooting OIM/OAM.
- Perform on-the-job training on the SIEM solutions for the team.
- In-depth understanding of logging formats and log collection methods supported for common log sources such as firewalls, IDS/IPS, web proxies, endpoint security, DLP, Active Directory, Windows/Unix servers, etc.
- Adherence to the organizational guidelines and processes.
- Actively aid the consulting team in different phases of the project, including problem definition, effort estimation, diagnosis, solution generation, design, and deployment.
- Contribute to unit-level and organizational initiatives.