Performs threat hunting by identifying targets based on threat actors and their common tactics and techniques, proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.
Supports insider threat analysis and investigation in finding potential insider threat cases (misuse of IT resources, fraud, or espionage).
Recommends how to optimise security monitoring tools based on threat hunting discoveries.
Performs analysis on artifacts to determine the full extent and ground truth of an incident by establishing a detailed timeline of events.
Extracts malicious files from network traffic and analyses them to determine their nature. Investigates actual or suspected information systems security incidents, events, or violations and reports to the SOC Manager.
Authors and implements original detection content for monitoring systems (IPS signatures, SIEM use cases, etc.) on the basis of current threats, vulnerabilities, protocols, missions, or other specifics of the constituency environment.
Updates IPS and SIEM systems with new signatures, tunes their signature sets to keep event volume at acceptable levels and minimise false positives, and maintains the up/down health status of sensors and data feeds.
Examines the security architecture and vulnerabilities of constituents' systems through scans, examination of system configuration, review of system design documentation, and interviews, and produces a report of findings and recommended remediation.
Conducts penetration tests on systems to validate resiliency and identify areas of weakness, and proposes improvements.
Responds to level 3 change and problem requests without supervision and leads level 1 and 2 incident recoveries and root cause analysis.
Performs identification, remediation, and documentation of network intrusions and computer system compromises, advanced malware analysis, and forensic analysis of network activity, disks, and memory.
Develops or augments the prioritization process to support investigation and compliance tasks.
Leads L1 and L2 activities such as proactive monitoring, logging and alerting to analyze, correlate, and respond to cyber-attacks and threat intelligence, with the ability to define Risk and Compliance Dashboards.
6-7 years of IT network or security experience, including at least 5 years of hands-on experience with Security Information and Event Management (SIEM) technologies.
Experience in SOC, Incident Response, Malware Analysis, IDS/IPS, packet analysis, SIEM tool event monitoring, analysis, and the triage process.
Working experience in a large enterprise environment, with project planning skills and experience integrating solutions in a multi-vendor environment.
Sound understanding of IT Service Management disciplines in line with IT industry standards and best practices, e.g. ITIL process experience.
Excellent communication skills, able to provide rapid and concise summaries of complex scenarios.
Security exposure and proficiency in at least two operating systems (Windows and Linux preferred).
Strong analytical and troubleshooting skills for working on complex network and security problems.
Why Join Us?
MicroSourcing offers diversity in career options. We welcome individuality in self-expression without losing the value for team involvement.
We are a fresh look at the BPO & KPO industry. Come experience the MicroSourcing life and be part of our growing family.
Cultures and Values
We are a fast-growing company, but we have always been able to keep the fun, young and intimate atmosphere we had when we started.
We strongly believe in transparency and honesty and we always make sure to represent the interests of our employees as much as we represent the interests of our clients.