SOC Lead Architect - Onsite (IBM - QRADAR)

Cognizant
in Chicago, IL, United States
Permanent, Full time
Competitive

Responsibilities:
• Supervise and manage Level 1/L2/L3 SOC security analysts.
• Identify training opportunities for the team to mature into a highly proactive and efficient security response team.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, syslog, file integrity monitoring, and vulnerability scanners.
• Correlate and analyze events using the SIEM tool to detect IT security incidents.
• Manage SLAs for security tickets.
• Be the POC for the customer for any enhancement requirements in the SOC.
• Be the POC for presenting weekly/monthly/quarterly security trends and enhancements to the customer (security officer/CSO/CISO).
• Enable integration with, and adherence to, multiple vetted sources of emerging security threats, risks and vulnerabilities, assessing each of them.
• Establish a robust KEDB/SOPs for security events/incidents and enable L1/L2 teams to maintain, update and follow them.
• Run mock triages of technical skills, approach and processes in the SOC with the SOC team on a regular basis.
• Design and implement operational processes and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
• Provide 24x7 operational support for escalations.

Qualifications
• Minimum 12 plus years of experience in cyber security management using SIEM tools like IBM QRadar/QROC
• Moderate to advanced event analysis leveraging SIEM tools
• Moderate incident investigation and response skill set
• Moderate log parsing and analysis skill set
• Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
• Moderate knowledge of malware operation and indicators
• Moderate knowledge of the current threat landscape (threat actors, APT, cyber-crime, etc.)
• Moderate knowledge of IDS/IPS systems
• Moderate knowledge of Windows and Unix or Linux
• Moderate knowledge of firewall and proxy technology
• Basic to moderate knowledge of penetration techniques
• Basic to moderate knowledge of DDoS mitigation techniques
• Basic knowledge of Data Loss Prevention monitoring
• Basic experience with scripting
• Basic knowledge of forensic techniques
• Basic to moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
• Basic knowledge of audit requirements (PCI, HIPAA, SOX, etc.)
• Experienced in mentoring and training junior analysts

Security Certifications Preferred (including but not limited to the following certifications):
• Certified Incident Handler (GCIH)
• Certified Intrusion Analyst (GIAC)
• Certified Ethical Hacker (CEH)
• Certified Expert Penetration Tester (CEPT)
• CISSP

SIEM Experience Required
• IBM QRADAR/QROC
