Role Description : Define the security architecture, ensuring that it meets the business requirements and performance goals.
Must Have Skills : Splunk Administration
Good To Have Skills : Security Information and Event Management (SIEM)
Key Responsibilities : Appropriately inform and advise management on incidents and incident prevention; implement continuous improvement measures on a daily basis; identify, assess, and resolve complex issues/problems within own area of responsibility; provide incident remediation and prevention documentation; document and conform to processes related to security monitoring
Technical Experience : Analyze potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach; perform network incident investigations, determining the cause of the security incident and preserving evidence for potential legal action; interface with technical personnel and other teams as required; produce security incident reports and briefings to be distributed to the team lead and manager; monitor devices for potential threats
Professional Attributes : Experience working in a diversified, virtual environment; desirable to have some certifications such as CCNA, CEH, Security, and ITIL; desirable to have some advanced certification from SIEM vendor on Splunk
Educational Qualification : BE