Network Security Analyst QRadar / SIEM support must Bartlesville, OK

The following requisition has been assigned:

Contract: Long Term
TITLE: Network Security Analyst
STATUS: Open
LOCATION: Bartlesville, OK, United States
# of Openings: 1

Requisition Details:

QRadar / SIEM support

Administrative Activities:
- Ensure QRadar tool availability, 99.XX% uptime
- Monitor, advise on required compute, storage and Network (BW) resources for optimal IBM QRadar operations (performance and Capacity Threshold definitions, corrective actions following any threshold breaches)
- Define SOPs/WI on actions to be performed by Monitoring team following an event trigger
- Create Custom and Routine Report templates per business needs
- Assist Security teams in Audit activities
- Furnish Log Data, Forensics data and analysis as and when needed
- Backup and Restore procedures

Operations and Support Activities:
- 24x7 SIEM Event monitoring, eyes on the monitor
- Perform Backup and Restore activities
- Generate Periodic and Custom reports

Tenable / VM support engagements

Administrative Activities:
- Ensure VA tool availability, 99.XX% uptime
- Hygiene, Runbook activities to ensure the tool and the underlying infrastructure availability
- Add, Change and Delete Assets to be scanned
- Monitor, Advise on required compute, storage and Network (BW) resources for optimal VA scan operations
- Create and schedule scan jobs based on the criticality, geo, business importance of assets
- Define SOPs/WI on actions to be performed by operations team following a scan job failure
- Create Custom and Routine Report templates per business needs
- Assist Security teams in Audit activities
- Integrate and monitor Threat intelligence feeds
- Backup and Restore procedures

Operations and Support Activities:
- Troubleshoot and resolve failed scan job
- Escalate complex incidents to Admin/L3 teams

Fidelis support

Administrative Activities:
- Ensure Fidelis IDS systems availability, 99.XX% uptime
- Hygiene, Runbook activities to ensure the complete IDS operations
- Signature updates
- Create custom rules / configure out of box rules (included)
- Minor SW and FW upgrades
- Assist Security teams in Audit activities
- Integrate and monitor Threat intelligence feeds

Operations and Support Activities:
- 24 x 7 Event Monitoring
- Daily Health checks and routine maintenance (included)
- Capacity Management (included)
- 1st Level triage and incident resolution
- Incident escalation with expert commentary on identified incidents
- Assist Network and Systems in issue resolution when appropriate
- Provide intrusion details, assist Security SMEs in compromised asset isolation
- Provide workaround to restore services when possible
- Assist in sandboxing when required
- Generate Periodic and Custom reports

*Thanks & Regards,*
*Suman Bakshi (Sam)*
*SourceChip, Inc | Email: [email protected]*
*Phone: 732-917-4895 | www.sourcechip.net*
*https://www.linkedin.com/in/sumanbakshi*
