Senior Security Engineer Security Monitoring & Analytics

Job Description

Job PurposeReporting to SMA, Engineering Head; the objective is to provide Engineering and architectural related guidance to the Security Monitoring and Analytics Team. The Scope of the role will be to develop / Engineer solutions / tools that are related to the Security Monitoring and Analytics team ; The SMA Team provides Engineering / Tools Support to the other Verticals in the Security Domains, and are in charge of the tools such as SIEM (Splunk ES), Machine Learning (UBA), Security Orchestration (Phantom), Host Intrusion Detection, Database Access Management, Endpoint Security (Tanium), not limited to only these. The role also involves developing new solutions / apps for Splunk, Integrating them with other applications. Automating the Manual Process / Procedures that are being used in the Security Space and thereby reducing the manual work. The Role will act as the 3 rd level of Support for the Cyber D fense Centre Team and the other Support Team; liaise with the Vendor as and when required to provide consistent Support to the teams. The candidate should display a high attention to details and be able to establish effective working relationships with various functional teams within and outside CSS. The candidate will be expected, by their example, to raise the rest of the team, which they will lead, to a high level of competency in these technologiesThe Role Responsibilities

• Provides Engineering & Technical related Leadership to the Security Monitoring & Analytics Service Line which includes Monitoring related tools
• Lead engineering initiatives around endpoint products managed by the team (e.g., Imperva, Tanium, Symantec DCCS)
• Serves as a Key Technical Engineering Resource for the Monitoring Tools and a Cyber-Security Expert.
• Good Scripting Knowledge (bash / Python / SQL DB s / API s, Powershell)
• Design Solutions and Concepts for Data Aggregation and Visualization
• Splunk Deployment / Configuration and Maintenance across a Variety of UNIX and Windows Platforms.
• Build Splunk Apps to provide the required results.
• Develop Reliable / Efficient Queries that will feed custom Alert / Dashboards and Reports.
• Develop / Engineer the Solution as per the requirement.
• Work towards automating things in the BAU Environment - reduce the manual effort involved
• Work on POC in Development environment for new Tools
• Integration of Splunk with other Tools either through API / Scripts / Qualys / AWS / Remedy Anomali
• Identify and highlight to the appropriate authority any service concern or improvement opportunity.
• Ensure customer satisfaction through improved service and quality. All escalation timely responded and closed.
• Expected to meet or exceed key measures and objectives of your role. Ensure performance, productivity, skill and quality in line with the expectations
• Adherence to the specified standards of Quality and Audit / Risk requirements
• Upholding the Values of the Group and Company at all times and Compliance with all applicable Rules/ Regulations and Company and Group Policies.
• To build relationship & network with stakeholders

• Having Diploma or Bachelor Degree in Engineering, Computer Science / Information Technology or its equivalent
• 8 - 15 years of relevant Working experience in IT; out of which at least 3-4 years experience on large and complex Security projects/ operations.
• 2 - 3 years of experience in Banking Security Administration and System Reporting services sector preferred.
• Proven hands - on experience in the following areas:
  • Security Operations/ Incident Response/Security Monitoring
  • Endpoint Security (SEP, Tanium)
  • SIEM Solutions Splunk, Enterprise Security, Arcsight
  • Orchestrations Phantom
  • Database Activity Monitoring (Imperva, Guardiam)
  • Machine Learning Splunk-UEBA, Imperva Counter-breach
• Knowledge in various technology platforms, domains and application development.
• Advanced knowledge of UNIX, Windows, Security will be highly preferred.
• Detail oriented, highly organized, and able to handle a variety of tasks in an efficient manner.
• Ability to collect and analyse data, establish facts, and make recommendations in written and oral form
• Possess strong decision making, communication, interpersonal and leadership skills

Keyskills :
deliveryfirewalls pocsales security testingtime management computer sciencemachine learning