InfoSec Admin

About Company:

Our client is a global technology consulting and digital solutions company that enables enterprises to reimagine business models and accelerate innovation through digital technologies. Powered by more than 84,000 entrepreneurial professionals across more than 30 countries, it caters to over 700 clients with its extensive domain and technology expertise to help drive superior competitive differentiation, customer experiences, and business outcomes.

Job Title:

Location

Experience

Employment Type

Work Mode

Notice Period

• EDR Management: Lifecycle of EDR management for Servers hosted in Corporate IT Datacenter (Installation, Uninstallation, Troubleshooting, compliance). • Investigation & Remediation of Identified Incidents (post exclusion of noise) • Monthly Reporting to Corporate IT w.r.t EDR health & issues • Vendor support coordination as needed • USB access request handling
• Vulnerability Management:
• Conduct VA scans using CIT-designated tools; provide reports upon request.
• Application owners handle remediation of findings.
• Perform quarterly VA scans on critical DC infrastructure and prepare reports.
• Import scan results into the GRC tool, assign assets to stakeholders, and track vulnerabilities.
• Manage false positives within the GRC tool and generate required reports.
• Ensure new servers and network devices undergo VA scans before going live.
• Maintain the VA tool and coordinate with vendors as needed.
• Deep Discovery Administration:
• Daily monitoring of malicious events
• Identify infected machines and coordinate with local IT to collect required logs via ATTK tool
• Upload logs to Trend Micro Portal and address action items
• Monitor malicious SMTP traffic on Deep Discovery and ensure traffic is blocked at the Anti-Spam Gateway
• InfoSec Operation Job Description
• Deep Security Administration: • Installation of the agent on the Critical servers provided by Client • Running the Recommendation scan for IPS engine and applying the rules • Verifying that the applications of the respective servers are not facing any issue due to Deep Security rules
• Network IDS • Monitoring Network for potential critical incidents • Performing Noise reduction to root out false positives • Corrective actions as needed for remediating identified incidents • Vendor support coordination as needed 6 Firewall Optimization & Review.
• Periodic review of Rules in Firewalls managed by CIT
• Recommending changes / optimization as needed • Maintenance of
• Tool • Vendor support coordination as needed 7 Web Application
• Firewall • Onboarding, Deboarding of Applications on Cloud WAF on request basis • Creating & Enforcing policies relevant to applications
• Vendor Support coordination as needed 8 Privilege Access
• Management • Allocation, Deallocation of Users to PAM tool
• Mapping of Servers within PAM for access • Review of alerts & overall user of PAM • Maintenance of tools • Reporting of Exceptions & overall statistics to CIT • Vendor Support coordination as needed
• Deception Monitoring • Monitoring of exceptions & alerts coming from tool • Remediation of significant incidents identified • Vendor Support coordination as needed