026141-Senior Cybersecurity Operation Centre Analyst / SR SOC Analyst
Senior Cybersecurity Operation Centre Analyst / SR SOC Analyst Job Description
Capgemini
With more than 180,000 people in over 40 countries, Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. The Group reported 2015 global revenues of EUR 11.9 billion. Together with its clients, Capgemini creates and delivers business and technology solutions that fit their needs and drive the results they want. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business Experience™, and draws on Rightshore®, its worldwide delivery model. Learn more about us at www.capgemini.com.
Rightshore® is a trademark belonging to Capgemini
Capgemini's robust Outsourcing offerings include: Applications Management, Infrastructure Management and Business Process Management. We combine these services with our deep industry knowledge and experience to provide the change agent to accelerate business growth. We generate quality and speed through our proven tools, methods and global centers. These capabilities, coupled with our program management expertise, are tailored to fit the most challenging business needs.
Security Services & Control
- Manage security tools and implement any agreed changes to security tools, software, computing assets and processes which support the prevention of security exposure in the Equipment and Software, under the guidance of client Information Security.
- SIEM tool management and reporting
- Knowledge of cryptographic tools & methodologies
- Security incident management and reporting
- Worked under SOC environment using SIEM tools
- Prepare and coordinate risk assessments for proposed changes to the Equipment, Software and related Services on SOC environment.
- Support security incident response processes in the event of a security breach by providing logging and audit information and by providing incident reporting.
- Implement and manage a security incident management process according to the Security Policy.
- Coordinate notification of security incident occurrence with client.
- Provide periodic trending problem reports. Create and maintain a Security Incident log that is also provided to client Information Security to facilitate historical analysis.
- Assist investigators of security incidents involving the client Sites and other locations, document findings, and coordinate resolution.
- Understanding of Active Directory infrastructure
- Participates in Change Management, Problem Management & Configuration Management
- Understanding of malware, antivirus & antispam solutions

Vulnerability Management
- Vulnerability scanning & report analysis (Nessus / QualysGuard)
- Identification of false positives
- Understand & share remediation strategies when required (application of remediation patches is out of scope)

Monitoring
- Monitor logs and security events across network infrastructure. Log, monitor, investigate, and report on access violations.
- Provide log analysis to provide views of misuse, fraudulent or malicious activities.
- Provide alerts and reports appropriately.
- Capacity management: performance monitoring & threshold management.

Patch Management
- Understanding of patch management process and tools; evaluate the release patch/recommended solution by tools.
- Liaise with client Infrastructure teams for patch deployment.
- Coordinate with vendor for patch validation.