Posted 6 months ago

Job Category: Experienced

Job Location: Becharaji (Gujarat)

Position: Network Security Engineer

Shift Timings: Flexible (As per defined shift)

Job Description

  • CANDIDATE NEEDS TO MANAGE FOLLOWING DEVICES:
    Sr. No. Description
    1 Network Access Control (Forescout)
    2 Blue Coat Proxy and Content Analysis System
    3 Network Monitoring (Motadata)
    4 VPN (GlobalProtect)
    5 SCCM
    6 Load Balancer (Radware)
    7 Firewall Management (Palo Alto and Fortinet)
    8 Antivirus CrowdStrike / Symantec
    9 Cisco Core Switch (4507)
    10 Wireless Controller
  • NETWORK ACCESS CONTROL:
    • Provide monthly reports with the non-compliance and information security status.
    • Monitor security logs to detect malicious or abnormal events and raise the alerts for any suspicious events that may lead to security breach.
    • Should carry out correlations amongst the logs from multiple sources to detect multi-vector attacks.
    • Historical parameters should include, and are not limited to, attack volume, attacker volume, and destination volume for every alert. Detect Patient Zero, attack origin and blast radius.
    • Define, develop and implement use cases based on standard methodologies to detect, analyze and identify the impact of this attack on other assets.
    • Should be able to provide charts for top attacks & attackers, OWASP based threat analysis, Trending threats, attack demographics etc.
    • Any failures of event collection infrastructure must be detected and operations personnel must be notified.
    • Troubleshooting issues for assets/servers/network devices if the system is non-compliant with respect to NAC policies and make the systems compliant with NAC policies.
    • Orderly security patches installation and security check for NAC Devices
    • Exceptions for Assets/user provisioning in NAC and providing data for quarterly review to Customer.
  • FIREWALL MANAGEMENT:
    • Administration of Firewall, logging call with vendor in case vendor assistance required for troubleshooting/upgrades/installation.
    • Able to review firewall logs or incoming threat analysis and Monitor security logs to detect malicious or abnormal events and raise the alerts for any suspicious events
    • Creating rules on firewall, managing exceptions, configuration of firewall in accordance with best practices. Daily health check list to be shared
    • Orderly security patches installation for firewall.
    • VA and PT point to be closed if any in respect to Firewall hardware/software.
    • Proper testing before making any changes (if feasible) Confirmation and validation activity.
    • Firmware Upgradation, Monitoring for CVE with associated upgrades & patching.
    • Backup Scheduling as per OEM Procedure, Failover Testing twice in a Year
    • Virtual private networking (“VPN”) IPSec tunnel support and SSL VPN client support as needed
    • Coordinating with vendor support to prepare for custom signature creation in the event of a security incident.
    • Review and Report for Bandwidth and throughput for interface, VPN, IPSEC and sessions
    • Blacklisting of offenders, Historical parameters should include and not limited to attack volume, attacker volume, and destination volume for every alert
    • Should have capabilities to define rules and reports on event logs captured from various sources to detect suspicious activities. Examples:
      • Failed login attempts
      • Successful login attempts from suspicious locations or unusual systems
      • Authorization attempts outside of approved list
      • Vendor logins from unauthorized subnets
      • Vertical & horizontal port scans
      • Traffic from blacklisted IPs
      • Login attempts at unusual timing
  • BLUE COAT PROXY AND CONTENT ANALYSIS SYSTEM:
    • Daily checklist to be maintained every day only for errors related with services/functionality/errors to be checked & appropriate actions to be taken Fortnightly
    • Provide monthly reports with the non-compliance and information security status.
    • Blacklisting, whitelisting URL, troubleshooting, log analysis.
    • Report and parameter based out of endpoint and session.
    • Creating rules on proxy, managing exceptions, configuration of IP in accordance with best practices.
    • VA and PT point to be closed if any in respect to proxy hardware/software.
    • Proper testing before making any changes (if feasible) Confirmation and validation to be carried out post the activity.
    • Version/Patch Upgradation
    • Backup Scheduling as per OEM Procedure
    • Failover Testing twice in a Year
    • Daily health check list to be shared
  • MOTADATA AND SCCM SOFTWARE:
    • Daily checklist to be maintained every day only for errors related with services/functionality/errors to be checked & appropriate actions to be taken
    • Troubleshooting issues for assets/servers/network devices if the system is non-compliant with respect to Motadata and SCCM policies and make the systems compliant with Motadata and SCCM policies
    • Orderly security patches installation and security check for Motadata and SCCM Software
    • VA and PT point to be closed if any in respect to Motadata and SCCM hardware/software.
    • Firmware Upgradation
    • Backup Scheduling as per OEM Procedure
    • Daily health check list to be shared for Motadata device and their status.
    • Patching of server and endpoint in accordance with CVE alerts and effective patches.
    • Addition of new server and endpoint for monitoring with different parameter.
  • ANTIVIRUS CROWDSTRIKE:
    • Provide monthly reports with the non-compliance and information security status.
    • Creating rules and Policy, managing exceptions, configuration of policies in accordance with best practices.
    • VA and PT point to be closed
    • Proper testing before making any changes (if feasible) Confirmation and validation to be carried out post the activity.
    • Version/Patch Upgradation and Client Endpoint client upgrade policy
    • Report for end client detection and remediation.
    • Ensure endpoint client connectivity with console, else highlight the same.
    • Incident monitoring
    • Daily health check list to be shared
    • External device control and policy (e.g. USB, Bluetooth)
  • VPN:
    • VPN Gateway Status, tunnel creation and tunnel status monitoring.
    • Provide monthly reports with the non-compliance and information security status.
    • Creating rules on SSL-VPN, managing exceptions rules
    • VA and PT point to be closed if any in respect to SSL-VPN hardware/software or related MFA tokens.
    • Proper testing before making any changes (if feasible) Confirmation and validation to be carried out post the activity.
    • VPN user creation, reactivation MFA profile
    • Firmware Upgradation or any patch update for VPN client.
    • Backup Scheduling as per OEM Procedure
    • Failover Testing twice in a Year
    • Daily health check list to be shared
    • VPN consumption reports for daily and weekly basis
    • HIP inspection for connected user through VPN
  • Load Balancer:
    • Providing Technical assistance in case of any issues
    • Firmware version upgradation
    • VA and PT point to be closed if any in respect to Load Balancer hardware/software.
    • Proper testing before making any changes (if feasible) Confirmation and validation to be carried out post the activity.
    • Configuration Changes
    • Backup Scheduling as per OEM Procedure
    • Failover Testing twice in a Year
    • Daily health check list to be shared
    • Creation and Management of rule/Policy in lieu of route definition and optimization for particular IP and services.
    • Daily Load distribution reports and parameter reports
  • Wireless Controller:
    • Providing Technical assistance in case of any issues
    • Firmware version upgradation
    • VA and PT point to be closed if any in respect to Load Balancer hardware/software.
    • Proper testing before making any changes (if feasible) Confirmation and validation to be carried out post the activity.
    • Configuration Changes for Access point WLAN grouping and SSID control
    • Backup Scheduling as per OEM Procedure
    • Failover Testing twice in a Year
    • Daily health check list for Access point connected and wireless Controller
    • Creation and Management of security rule/Policy for dedicated MAC address and mapping with SSID
    • Daily Connected AP and Uptime reports including MAC, SSID, IP and serial No
    • Connected client Report for Access Point with MAC details.
    • Guest WLAN lobby management for temporary Wi-Fi internet
