Security Consultant - Sourcefire IDS/IPS Implementation
Mumbai (Mumbai)
Job description
The IDS specialist is responsible for assisting in the protection of internal and external customer information assets through the development and implementation of appropriate general information security architecture, policies, guidelines, training, assessments, evaluations, controls, solutions and other measures as warranted. Develops and maintains global event detection requirements and architectures. Communicates requirements and appropriate intrusion detection practices to relevant parties. Participates in the investigation and remediation of security events. Collaborates with other client teams, firms and external parties to address/remediate identified security issues.
· Strong background in security operations tools implementation and security systems management
· Expert understanding of common IDS/IPS architecture, principles, operations and controls
· Expert understanding of intrusion detection/prevention technologies, trends, vendors, processes and methodologies.
· Expert understanding of common intrusion detection/intrusion prevention (IDS/IPS) architectures and implementations.
· Expert understanding of intrusion signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection
· Advanced understanding of information security principles
· Advanced understanding of security, privacy, audit and legal security standards, guidelines and principles
· Advanced understanding of application design and architecture implementation
· Participates in operating day-to-day information security awareness, training and educational programs.
· Contributes to the preparation and implementation of necessary information security policies, standards and procedures.
· Participates in IT security risk assessments and control design activities.
· Investigates and resolves incidents and breaches regarding the network.
· Tests, selects and implements commercially-available best-of-breed security products and services.
· Participates in security architecture design review and planning.
· Participates in development and operation of security incident response process.
· Proactively protects the confidentiality, integrity and availability of information in the custody of or processed by the company.
Experience with the following products is strongly preferred:
· ArcSight ESM
· ArcSight Logger and ArcSight Connector Appliances
· Sourcefire Intrusion Prevention Products and Management
· McAfee HIPS and McAfee ePolicy Orchestrator (ePO)
· IBM Site Protector
· IBM Proventia Server or Server Protection for Windows
· Any experience with host or network-based intrusion detection products as well as SIEM management tools is a plus.
Desired profile
- 11+ years in Information Security and/or Compliance related services, IT audit, Internal Audit and/or Risk Management Experience. Knowledge of the healthcare and software industries is a plus.
- Education: 4-year degree in computer science or related field or equivalent experience; GIAC, SSCP, CISSP or other similar professional designations
- FISMA, NIST, and HIPAA
- Security Information & Event Monitoring (SIEM) administrative management
- Network Intrusion Prevention and Detection System (IDPS)
- Vulnerability & Configuration scanning (Tenable Nessus) on servers and network appliances
- Host Intrusion Detection System (HIDS)
- Anti-Virus
- Web Filtering/Monitoring
- Previous & Current versions of Windows Server OS & Linux
- Understanding of system and network security and architecture controls
- Strong interpersonal skills to build/maintain ongoing business relationships
- Able to exercise professional judgment within defined procedures
- Experience in security risk assessments and/or audits
- Familiar with healthcare and financial compliance regulations and IT and security frameworks and standards