SIEM Engineer (L1 & L2)
About the Job
Skills
Database Activity Monitoring (DAM): Imperva
· Strong knowledge and a minimum of 5 years of hands-on experience in 3 or more areas of security, such as Security Incident and Event Management (SIEM): QRadar, along with SOAR & TIP: QRadar / Vulnerability Assessment Scanner (VAS): Rapid7 / Deception Technology.
· Experience in construction of SIEM content required to produce Content Outputs (e.g., filters, active lists, correlation rules, reports, report templates, queries, trends, variables)
· Experience in packet-level analysis
· Experience in threat hunting
· Experience in designing and deploying use cases for SIEM and other security devices.
· Continuously monitor security alerts and events to identify potential security incidents or threats.
· Develop and implement incident response plans to address security breaches and mitigate potential damage.
· Conduct regular vulnerability assessments and penetration testing to identify and remediate security weaknesses.
· Maintain documentation of security procedures, incident reports and security policies.
· Stay updated on the latest cybersecurity threats and trends to proactively defend against emerging threats.
· Manage and maintain security tools such as SIEM, DAM, VAS and deception technology.
· Monitor QRadar SIEM and investigate/close out offenses.
· Fine-tune configurations of the security solutions/components to obtain optimum usage of the system as per the client requirement.
· Manage analytics, trending and new use case creation, log source and SLA management, and reporting.
· Create custom rules and configurations to tailor the SIEM solution to the client's specific security needs.
About the company
Industry
IT Services
Company Size
11-50 Employees
Headquarters
Gurugram