Job Opening: Sirion Labs
Job Role: Senior Security Analyst
PQE: 7-10 years
- Design, implement and maintain Security Operation Centre (SOC)
- Implement and administer/maintain Security Information and Event Management solution (Wazuh) along with ELK stack for log integration & management, correlation, security alert visualization and monitoring
- Integrate all IT systems (infrastructure, network, endpoints, application, database, security, etc.) with SIEM. Develop and implement necessary correlation rules, decoders, integration adaptors, threat feeds, etc.
- Implement automated and proactive security alert monitoring, alerting and response
- Develop and enhance threat hunting, SOAR and XDR capabilities
- Perform SOC operations – security monitoring, triaging, and incident response. Work closely with IT, DevOps and Engineering teams to investigate, contain, remediate or mitigate, and respond to security incidents.
- Create and maintain security incident response playbooks. Perform ongoing and scenario-based incident response testing. Incorporate learnings in incident response playbooks.
- Architect and implement security controls in corporate IT systems (Endpoints, Development & Data Center, etc.)
- Lead ongoing operational monitoring of the effectiveness of implemented security controls and work with IT, DevOps and Engineering teams to remediate or mitigate identified non-compliances and security weaknesses
- Conduct ongoing Vulnerability Assessment & Penetration Testing (Internal and External) and perform management reporting. Work with IT, DevOps and Engineering teams to remediate or mitigate identified security vulnerabilities. Administer security testing tools and environment.
- Ensure consistent implementation and maintenance of secure configurations, SOD-based access controls and IT system hardening across the IT landscape. Conduct ongoing security audits/reviews in accordance with company policy and global security standards.
- Perform ongoing review of privileged user activities. Identify, investigate and respond to unauthorized access.
- Implement and monitor the Patch Management process in all IT systems
- Perform Proof of Concept for security solutions to implement effective security controls
- Prepare metrics-based periodic reports and dashboards with support from the stakeholder functions for management review.