- To build and support the next-generation cyber security services by setting up and operating world-class SIEM capabilities as part of the 24*7 SOC environment for the Kmart Group, and to ensure that a secure posture is maintained as per industry best standards.
- Individual contributors provide organisational support or services (administrative or clerical), or occupy roles operating in a hands-on environment in support of daily business activities (e.g. technical, production or craft levels).
- The majority of time is spent in the delivery of support services or activities, typically under supervision.
- Work typically requires a high school degree or 1-2 years of vocational training / an associate degree.
Desired qualification and work experience
- Proficient in incident management and response in a 24*7 SOC environment
- Good understanding and handling of cyber-related incidents: driving them to resolution, performing post-mortems and producing mitigation plans
- Experience in security device management and SIEM tools like Microsoft Azure Sentinel
- SIEM development: creation of new rule sets, building insights, detections, interactive dashboards and automation workflows
- Research, build and support integrations between Azure Sentinel and other products and solutions by leveraging technologies built for Azure Sentinel
- Decent level of WAF understanding, threat analysis, threat hunting and protection, plus DDoS mitigation
- Fine-tune and develop/enhance the SIEM features and new services offered by Microsoft Sentinel
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
- Good knowledge of anti-virus protection tools (McAfee, CrowdStrike), NDR such as Darktrace, EDR solutions such as Cortex XDR and Red Cloak, CASB, DLP, and email security such as Proofpoint
- Working HTTP knowledge, working UNIX/Linux knowledge and knowledge of other operating systems
- Work on the initial design as well as the configuration of Microsoft Azure Sentinel
- Knowledge of applications, databases and middleware in order to address security threats against them
- Proficient in networking and network security skills on firewall devices such as Palo Alto and firewall management tools such as Panorama
- Experience in cloud infrastructure security and application/API security
- Fundamental knowledge of AWS Cloud and its offered services
- Exposure to vulnerability assessment as well as penetration testing or forensic analysis is an advantage
- Good to have: experience in scripting/programming (PowerShell, Python)