• Experience of specifying and developing a SecOps function from scratch (for the build phase).
• Experience of endpoint protection in the workplace (eg Windows 10), server (eg VMWare, Linux, Windows server etc) and networking environments (predominantly Cisco).
• Experience of security tools currently used across the estate eg EDR, mail gateways, firewalls etc (see separate spreadsheet for full list).

Toolsets

• Sophos XDR, DLP, Web filtering
• Baracudda – mail filetering
• IBM QRadar/FortiSIEM
• VM-Qualys
• MDM- Intune/Mobileiron

• Lead and manage Security Operations Centre
• Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
• Serve as a point of escalation for all SOC Analysts (Incident Handler and Incident Responder) and service delivery issues.
• Strong knowledge in investigating security issues within Cloud infrastructure such as AWS, GCP, Azure.

• Should have good experience in Web Application Firewall & related solutions
• Should have excellent understanding on engineering, deployment, and operations of Web Application Firewall security solutions and integration of those platforms with other security solutions as required
• Have Excellent understanding on Linux Operating systems (working with Vi editor, scripting)
• Need to have very good understanding on:
  1. Networking concepts and protocols (TCP/UDP, ports etc.)
  2. Working knowledge on Apache, Jboss, Java, Docker, AWS
  3. Working knowledge of SSL encryption and TLS Certificates

• Identity lifecycle management (joiner, mover, leaver) – ensure timely removal of access, generate access removal requests to IT, investigate and resolve suspicious account activity, investigate and resolve the status of affiliate user accounts
• Support the development of a comprehensive IAM program plan and project plans for the implementation and configuration of new IAM system components on premise and in the cloud.
• Strong knowledge and experience in in cloud technologies (e.g. AWS & Azure IAM)
• Has extensive knowledge of identity management tools (e.g. Saviynt, RSA, SailPoint, CA,Oracle), technology, RBAC methodologies, policies and processes
• Experience with PCI and SOX programs

• Knowledge of IT security solutions like Endpoint Detection and Response (EDR), CrowdStrike, Sentinel One, MS Defender for Endpoint, McAfee, and Symantec endpoint protection
• Implementation, development, and integration of EDR security solutions like Carbon Black, McAfee EDR, FireEye HX, CrowdStrike, Sentinel One and MS Defender for Endpoint

• Hand on experience in Splunk Admin and Development with excellent understanding on:
• Splunk architecture & configuration files, log onboarding/data source integration, data Normalization and complex dashboards and data visualization

• Strong Experience in performing third-party risk management in, identifying, evaluating, the security risks in both technology and operation risks
• Moderate Experience in performing the risk management on Cloud environment (IaaS, SaaS & PaaS)
• Good Experience in understanding regulatory requirements/ risks PCI DSS, SOX & Fedramp
• Should have experience in any of risk management framework – ISO27005, NIST or FAIR

• McAfee Endpoint Protection, McAfee DLP & Endpoint detection and response
• Should have good knowledge on TCP/IP network traffic and event log analysis
• Strong understanding of ITIL process Incident Change Problem Major Incident Management would be advantage

• Add context to the incident to understand the behaviour, analysing data from multiple tools and data sources
• Investigates deeper on the detected behaviours when an incident is escalated by the SOC level 1 analyst
• Willing to work in shifts in 24/7 schedule
• Security monitoring experience with one or more SIEM technologies (Like : Sumologic, Q Radar, Splunk, FortiSIEM, Alien Vault)

• Should have hands-on engineering experience with the solution below. Tasks performed include Platform version upgrade, agent deployment, integration, troubleshooting the services, maintaining the platform uptime, onboarding/offboarding the user, SOP creation, maintaining the KB, writing rules/correlation, patching the solution, working with OEM for bugs and fixes

• Core Java
• JSP/Servlet
• Hibernate
• Spring [ IOC, AOP, MVC]
• SOAP/REST web services
• SQL, PL/SQL
• AWS basic [ EC2, RDS, S3 , SDD ] understanding
• GIT ,code deploy & yaml configuration
• Oracle/Postgres/MySQL

• Apex triggers and classes
• Visualforce pages and controllers
• Salesforce Lightning
• JavaScript, HTML/CSS

• Demonstrate hands-on experience implementing and supporting:
  1. Active Sync
  2. Workflows
  3. Rules & Policies
  4. Forms
  5. Synchronization
  6. Reconciliation
  7. Password Sync
• Provisioning/De-Provisioning into LDAP, Active Directory

• Maintain and optimize local company networks and servers
• Responsible for device and password management
• Experience Manage Engine tools (Service Desk Plus, Endpoint central, AD manager)
• Configure and control external sharing and access with the right RBAC of the office 365 suite

• Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.
• Serve as a point of escalation for all SOC Analysts (Incident Handler and Incident Responder) and service delivery issues

• Acquire, lead, and develop major accounts within India Geo
• Strong account management skills to identify cross-selling and up-selling opportunities within targeted major accounts

• Experienced in analyzing, design & implementing the architecture of the projects
• Knowledge in Security Solutions EDR/ XDR, DLP, Proxy, Endpoint, Network Security, Firewalls, IDS/ IPS , etc.

• Source new sales opportunities through inbound lead follow-up and outbound cold calls and emails
• Understand customer needs and requirements