Cyber Security Specialist

Description :

Function : Information Technology.

Job Title : IT Cyber Security Specialist.

Desired Qualification & Experience : M.Tech/B.Tech/MCA with 10+ years of experience in various firewall and SD-WAN technologies, such Checkpoint, paloalto, Fortinet, cisco ASA, Barracuda.

Job Location : Azamabad, Near RTC Cross Road, Hyderabad.

Main purpose of the Job : The Tech Lead IT Security will be responsible to handle the complete Network Firewalls, OT firewalls, SDWAN Devices and SIEM across the organization.

Job responsibilities :

- Responsible for maintaining the firewalls by consider the network topology, traffic patterns, and potential threats while creating an effective firewall strategy.

- Responsible for maintaining the SD-WAN based on the organization's requirements and network topology.

- Should create and manage firewall rules that determine what types of traffic are allowed or denied between different network segments or between the internal network and the internet.

- Continuously monitoring the firewall infrastructure to ensure its proper functioning is a critical task.

- If issues or anomalies are detected, then must troubleshoot and resolve them promptly to minimize downtime and security risks.

- Need to involve in security audits and assessments to ensure that the organization complies with relevant security standards and regulations.

- need to prepare documentation and reports on firewall configurations and policies.

- Regularly assessing the firewall devices for vulnerabilities and applying security patches and updates is necessary to safeguard the network from emerging threats.

- Optimizing the firewall's performance is essential to prevent bottlenecks and ensure smooth network traffic flow. This may involve fine-tuning rules, adjusting configurations, or upgrading hardware when necessary.

- SD-WAN seamless integration with existing routers, firewalls, VPNs, and other networking components.

- Prioritize and manage different types of network traffic based on policies and application requirements.

- Regularly monitoring the SD-WAN infrastructure is essential to identify performance issues, security threats, or configuration errors will be responsible for troubleshooting and resolving them to minimize downtime and ensure network reliability.

- Monitor SIEM alerts and notifications to detect security incidents in real-time.

- Investigate and respond to security events, triaging and escalating incidents as necessary.

- Conduct in-depth analysis of security incidents to determine the root cause, scope, and impact of the events.

- Perform digital forensics and analysis on compromised systems, if necessary.

- Monitor the health and performance of the SIEM infrastructure to ensure its continuous and reliable operation. Troubleshoot and resolve issues promptly.

- Plan and execute SIEM software upgrades and patches to ensure the platform is up to date with the latest features and security enhancements.

- Collaborate with other IT teams, security analysts, incident response teams, and management to ensure effective communication and alignment of SIEM initiatives with overall cybersecurity strategies.

Candidate Required skills :

- In-depth knowledge of various firewall and SD-WAN technologies, such Checkpoint, paloalto, Fortinet, cisco ASA, Barracuda.

- Strong understanding of networking protocols, including TCP/IP, UDP, ICMP, HTTP, HTTPS, DNS, FTP, and others. Knowledge of how these protocols operate at different layers of the OSI model is crucial for firewall rule configuration.

- Thorough knowledge of network security principles, best practices, and common attack vectors. Understanding firewall policies, access control lists (ACLs), VPN technologies, intrusion detection/prevention systems (IDS/IPS), and DDoS protection is important.

- Ability to create, manage, and optimize firewall policies and rules based on business requirements, security standards, and compliance regulations. This involves understanding traffic flow, application requirements, and security implications.

- Familiarity with security auditing processes, vulnerability assessments, and compliance frameworks to ensure the firewall infrastructure meets industry standards and regulatory requirements.

- Proficiency in configuring and managing intrusion detection and response systems (IDS/IPS) to detect and respond to potential threats and attacks in real-time.

- Knowledge and work experience of virtual private networks (VPN) and remote access technologies, including IPsec, SSL VPN, and multi-factor authentication (MFA) to enable secure remote connections.

- Strong troubleshooting skills to identify and resolve issues related to firewall configurations, connectivity, and performance. Familiarity with network monitoring tools to assess firewall performance, traffic patterns, and security events.

- Knowledge of SIEM (Security Information and Event Management) solutions is beneficial.

- A strong background in traditional networking, such as routing, switching, and WAN technologies, is highly beneficial in understanding the broader network context in which SD-WAN operates.

- In-depth knowledge and hands-on experience with various SIEM platforms, such as Rapid7, Splunk, IBM QRadar, ArcSight, LogRhythm.

- Strong understanding of cybersecurity concepts, including security event log analysis, intrusion detection, threat hunting, and incident response.

- Proficiency in analyzing and correlating security event logs from various sources to detect potential security incidents and threats.

- Experience in creating and fine-tuning correlation rules to identify suspicious patterns and behaviors indicative of security threats.

- Familiarity with incident response processes and methodologies, including triaging and responding to security incidents.

- Should have good experience in handling the team.

- Should have excellent communication skills.

For more details, visit us www.biologicale.com.