Qa Engineer

Job Description

Job description Experience: - 6+ Years as Security Administrator & Information Security Domain. Tools: - Splunk, Hyper soar, Open-Source Technologies, DLP & Cloud security Preferred Skill Set: - 1. Deploy, configure, and maintain open-source security tools 2. Experience with scripting languages such as Python or Bash. 3. Knowledge of IT infrastructure, networking, and security principles. 4. Experience with other monitoring and logging tools. 5. Understanding of cloud environments and integrations with Splunk. Roles And Responsibilities: - Install, configure, and maintain Splunk environments, including indexers, search heads, forwarders, and deployment servers. Monitor the health and performance of Splunk components and take proactive measures to ensure high availability and reliability. Plan and execute upgrades and patches to the Splunk environment. Onboard data from various sources, including logs, metrics, and events, ensuring data integrity and proper indexing. Create and manage data inputs, parsing rules, and data transformations. Implement and maintain data retention and archiving policies. Develop detection rules to support our SOCs alerting and response capabilities. Provide expert analytic investigative support to analysts for complex security incidents. Review security controls measures, identify gaps in the security architecture, and implement improvements or enhancements as needed. Deploy, configure, and maintain open-source security tools such as Snort, OSSEC, Suricata, OpenVAS, Zeek, Metasploit, and others. Train and mentor junior team members on the use and administration of open-source security tools. Collaborate with IT and development teams to integrate security tools into the overall security architecture and workflows. Design, implement, and manage security measures for cloud environments (e.g., AWS, Azure, Google Cloud). Configure and manage cloud security tools and services, such as firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems. Develop and enforce DLP policies and rules to prevent data breaches and unauthorized data transfers. Customize DLP policies to meet the organization’s specific needs and regulatory requirements. Conduct regular reviews and updates of DLP policies in response to evolving threats and business changes. Soft Skills: Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Attention to detail and a proactive approach to security issues. Certification: Splunk Administrator , CEH, CCSP, CISSP