SOC Senior Engineer Job in Harman International

SOC Senior Engineer

Job Summary

JD: Cloud security Sr-engineer

A successful candidate will be a graduate and an expert in the network and security domain, possessing 5 to 7 years of relevant experience.

Expertise in IBM QRadar, WAF, VPC, CloudTrail, Security groups & CloudConfig.
Knowledge of CrowdStrike AV, vulnerability scanners, DLP, web security and email security.
Good understanding of and hands-on experience with security basics, principles and networking.
Best understanding of OWASP Top Ten vulnerability attacks and remediations.

Manage all the compliance, audits and day-to-day security operations, and supervise other administrators in the execution of security administration. Maintain an enterprise security stance through policy, architecture, and training processes. Secondary tasks will include the selection of appropriate security solutions, and oversight of any vulnerability audits and assessments.

The IT Security Specialist is expected to interface with peers in the Systems and Network departments as well as with the leaders of the business units, both to share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.

Ensure that policies support compliance with external requirements such as HIPAA, PCI, etc.

Develop and implement an incident report and response system to address the customer's security incidents (breaches), and respond to alleged policy violations or complaints from external parties. Conduct investigation, analysis and review following breaches of security controls, and prepare incident reports and recommendations for appropriate improvements.

Develop, implement and manage an ongoing risk assessment program targeting information security and privacy matters; recommend methods for vulnerability detection and remediation. Keep abreast of the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities pertaining to the customer.

Determine appropriate levels of security controls and systems monitoring at all levels of the security architecture. Conduct periodic vulnerability and security risk assessment of the assets of the customer, and administer firewalls, IPS, IDS, application firewalls, security information management servers, router and switch ACLs, VPN remote access servers, and point-to-point encryption routers.

Identify foreseeable information security risks in order to comply with privacy and information security regulations, policies and procedures. Monitor compliance with information security procedures and policies and report infringements to top management. Audit and review information security issues in the organization.

What You Need :

EXPERIENCE

Experience with enterprise AWS security architecture.
Admin architecture experience in IBM QRadar in a multi-tenant environment.
Ability to deep-dive on Graylog/AWS to see any C2C server connection establishment.
Identify the attack based on the pattern on the server.
Perform a VPC Flow investigation to see inbound/outbound connections and find the evidence of attack (bytes transferred, C2C connection, etc.).
Ability to identify misconfigured SG and IAM policies.
Ability to identify log sources which have stopped emitting events, investigate, and restart the log sources.
Perform investigation to see the event connections and find the evidence of attack.
Experience with developing and managing an enterprise security program.
Should have the ability to interact with business process owners to understand, communicate effectively to reveal risks and present solutions to mitigate risks for the whole organization.
Manage all the compliance, audits and day-to-day security operations, and supervise other administrators in the execution of security administration.
Requires a minimum of 5-7 years specialized experience in a cloud security related area (i.e., Intrusion Analysis, Forensics Analysis, Security Log Analysis, SIEM, NetWitness).
Experience with various compliance and audits, ISO 2700X, PCI and SOX.
Demonstrated knowledge and skill related to Business Continuity Management and Disaster Recovery (DR) planning.

CERTIFICATES, LICENSES, REGISTRATIONS

CEH, CISA, CCNA Security, CISSP

LANGUAGE SKILLS

Strong written and verbal skills necessary to complete assigned tasks. Ability to read and interpret documents such as safety rules, operating and maintenance instructions, and procedure manuals. Ability to write routine reports and correspondence. Ability to speak effectively before groups of customers or employees of the organization.

REASONING ABILITY

Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. Ability to determine the most effective solution for the enterprise.

WORK CONDITIONS

On-call availability for weekends and holidays as needed.
Sitting for extended periods of time.
Work in a 24 x 7 environment.

Experience Required :

Fresher

Vacancy :

2 - 4 Hires
