 L1- Next Gen Firewall with IPS, Proxy, Malware Sandboxing & Anti Dods

Level: L1 (24*7)

Location & Count * : Bhubaneshwar (13), Kharghar (4), Belapur (4), Nagpur (4)

Education * : BE/B-Tech/BCA or masters degree in CS/IT

Certification * : CEH/ CCNA Sec/ PCNSA equivalent certification of respective OEM

Experience * : 2- 3 years relevant experience.

Budget: LPA

Technology (OEM) * : Network/Cyber Security, IPS-Checkpoint, Malware Sandboxing-Palo Alto, Perimeter DDOS-NetScout

Skills: Candidate should have adequate knowledge of security devices like Firewalls, DDOS and other security devices.

Job summary

As an L1 Security Monitoring Engineer, it is a vigilant first responder, responsible for the 24/7 monitoring of security systems. The analyst will monitor and analyze alerts related to firewalls, anti-DDoS, malware proxy, and sandboxing technologies. You will perform initial triage, escalate confirmed security incidents, and help maintain the overall security posture of the organization.

Key Responsibilities

• Perform initial triage on all security alerts to determine their severity and authenticity. Differentiate between false positives and legitimate security threats.
• Monitor and analyze IPS related alerts fromCheck Point products. Identify and investigate potential network intrusions and malicious traffic patterns.
• Analyze reports fromPalo Alto malware sandboxing to determine if a file is malicious, understand its behavior, and identify affected systems.
• Monitor traffic anomalies and alerts fromNetScout perimeter DDoS tools to detect and analyze distributed denial-of-service attacks against the network.
• Investigate and document all security incidents and events, recording key details such as the nature of the event, affected assets, and actions taken.
• Escalate confirmed security incidents and complex issues to Level 2/3 analysts or other relevant support teams, providing a detailed handover.
• Follow established incident response procedures for handling standard security events.
• Update and maintain security incident records in the ticketing system, ensuring all information is accurate and up to date.
• Install application patches and signed software updates in order to improve performance, enable additional functionality or enhance security standard including but not limited to Performing Scans, Management of the system, Updating of plugins and patches, etc.
• To maintain the inventory of entire assets of Cyber Security solutions as per scope and maintain and update a database with respect to OS, Database, Webservers, Application details, and IP addresses pertaining to all Security Solutions under the mentioned scope.