ESB Technologies’ Post

Looking for immediate joiner with Level 3 experience 4+ experience in DDos Aakamai Prolexic Scope: • DDoS Attack Mitigation: The primary responsibility is to detect, analyze, and mitigate Distributed Denial of Service (DDoS) attacks targeting Akamai customers. • Incident Response: Rapidly respond to DDoS incidents, assess their impact, and implement appropriate mitigation strategies. • Monitoring and Alerting: Continuously monitor network traffic, security logs, and alerts from Prolexic systems. • Tuning and Optimization: Fine-tune DDoS detection rules and thresholds to minimize false positives and enhance accuracy. • Collaboration: Work closely with other security teams, network engineers, and customer support to ensure effective DDoS protection. • Security Incident Handling: Investigate and respond to security incidents escalated from L2 analysts. • Threat Detection and Analysis: Monitor security alerts, analyze logs, and identify potential threats. • Forensics and Root Cause Analysis: Conduct in-depth investigations to understand attack vectors and root causes. • Security Tool Management: Manage and fine-tune security tools (SIEM, IDS/IPS, etc.). Deliverables: • Incident Reports: Detailed reports on detected DDoS attacks, including attack vectors, duration, and impact. • Mitigation Recommendations: Provide guidance on improving DDoS resilience based on observed attack patterns. • Documentation: Maintain accurate records of incidents, mitigation actions, and lessons learned. • Training: Train other team members and customers on DDoS best practices. • Continuous Improvement: Contribute to enhancing Prolexic's detection capabilities and response procedures. • Escalation Procedures: Document clear escalation paths for critical incidents. • Playbooks: Develop and maintain incident response playbooks for common scenarios. • Collaboration: Work closely with L1 and L2 analysts, as well as other Network & Security teams. • Metrics and KPIs: Track and report on SOC performance metrics (e.g., mean time to detect, mean time to respond). Email resumes to swati.shah@clearliteinc.com

#hiring Infrastructure Engineer, Houston, United States, fulltime #jobs #jobseekers #careers #Houstonjobs #Texasjobs #ITCommunications Apply: https://lnkd.in/gvNB5gA5 Job Title: Infrastructure Engineer Interview Time and Day: ASAP Location: Houston, TX 77074 Hours: Standard Onsite/Offsite: Hybrid Top 3-5 Must-Haves: Technical Background: Someone with a strong foundation in systems or network administration who is eager to expand their skillset into cybersecurity. Experience: Minimum 5-6 years of experience in a relevant field. Technical Skills: Ability to support and maintain the entire IT environment, including proactive setup and maintenance, not just security measures. Problem-Solving: A "jack of all trades" mentality with the ability to independently troubleshoot and resolve complex technical issues. Self-Sufficiency: A strong work ethic and the ability to work with minimal supervision. Responsibilities: Cybersecurity Integration and Maintenance: Implement and maintain robust cybersecurity measures across the organization's IT infrastructure, ensuring the protection of sensitive data and systems from potential threats and vulnerabilities. Regularly assess and enhance security protocols, staying abreast of industry best practices and emerging threats to preemptively address potential risks. Infrastructure Management and Optimization: Oversee the setup, configuration, and optimization of network and systems infrastructure, leveraging best-in-class technologies to ensure optimal performance and reliability. Collaborate with cross-functional teams to streamline infrastructure processes and workflows, enhancing efficiency and scalability. Incident Response and Troubleshooting: Serve as a frontline responder to cybersecurity incidents, swiftly identifying and containing security breaches to mitigate potential damages. Conduct thorough root cause analyses of incidents, implementing corrective actions and preventive measures to fortify the organization's security posture. Technical Support and Guidance: Provide technical guidance and support to internal stakeholders, assisting with the resolution of complex IT issues and inquiries. Foster a culture of knowledge sharing and continuous learning, empowering team members to enhance their technical proficiencies and contribute to organizational success. Risk Assessment and Compliance: Conduct comprehensive risk assessments of existing infrastructure and cybersecurity practices, identifying areas for improvement and implementing remediation strategies. Ensure adherence to regulatory requirements and industry standards, maintaining compliance with relevant frameworks such as GDPR, HIPAA, and PCI DSS. Documentation and Reporting: Maintain accurate documentation of infrastructure configurations, security protocols, and incident response procedures, facilitating knowledge transfer and audit readiness. Generate regular rep

Looking for immediate joiner with Level 3 experience 4+ experience in DDos Aakamai Prolexic total experience 8+ years Scope: • DDoS Attack Mitigation: The primary responsibility is to detect, analyze, and mitigate Distributed Denial of Service (DDoS) attacks targeting Akamai customers. • Incident Response: Rapidly respond to DDoS incidents, assess their impact, and implement appropriate mitigation strategies. • Monitoring and Alerting: Continuously monitor network traffic, security logs, and alerts from Prolexic systems. • Tuning and Optimization: Fine-tune DDoS detection rules and thresholds to minimize false positives and enhance accuracy. • Collaboration: Work closely with other security teams, network engineers, and customer support to ensure effective DDoS protection. • Security Incident Handling: Investigate and respond to security incidents escalated from L2 analysts. • Threat Detection and Analysis: Monitor security alerts, analyze logs, and identify potential threats. • Forensics and Root Cause Analysis: Conduct in-depth investigations to understand attack vectors and root causes. • Security Tool Management: Manage and fine-tune security tools (SIEM, IDS/IPS, etc.). Deliverables: • Incident Reports: Detailed reports on detected DDoS attacks, including attack vectors, duration, and impact. • Mitigation Recommendations: Provide guidance on improving DDoS resilience based on observed attack patterns. • Documentation: Maintain accurate records of incidents, mitigation actions, and lessons learned. • Training: Train other team members and customers on DDoS best practices. • Continuous Improvement: Contribute to enhancing Prolexic's detection capabilities and response procedures. • Escalation Procedures: Document clear escalation paths for critical incidents. • Playbooks: Develop and maintain incident response playbooks for common scenarios. • Collaboration: Work closely with L1 and L2 analysts, as well as other Network & Security teams. • Metrics and KPIs: Track and report on SOC performance metrics (e.g., mean time to detect, mean time to respond). Email resumes to swati.shah@clearliteinc.com

Looking for immediate joiner with Level 3 experience 4+ experience in DDos Aakamai Prolexic Scope: • DDoS Attack Mitigation: The primary responsibility is to detect, analyze, and mitigate Distributed Denial of Service (DDoS) attacks targeting Akamai customers. • Incident Response: Rapidly respond to DDoS incidents, assess their impact, and implement appropriate mitigation strategies. • Monitoring and Alerting: Continuously monitor network traffic, security logs, and alerts from Prolexic systems. • Tuning and Optimization: Fine-tune DDoS detection rules and thresholds to minimize false positives and enhance accuracy. • Collaboration: Work closely with other security teams, network engineers, and customer support to ensure effective DDoS protection. • Security Incident Handling: Investigate and respond to security incidents escalated from L2 analysts. • Threat Detection and Analysis: Monitor security alerts, analyze logs, and identify potential threats. • Forensics and Root Cause Analysis: Conduct in-depth investigations to understand attack vectors and root causes. • Security Tool Management: Manage and fine-tune security tools (SIEM, IDS/IPS, etc.). Deliverables: • Incident Reports: Detailed reports on detected DDoS attacks, including attack vectors, duration, and impact. • Mitigation Recommendations: Provide guidance on improving DDoS resilience based on observed attack patterns. • Documentation: Maintain accurate records of incidents, mitigation actions, and lessons learned. • Training: Train other team members and customers on DDoS best practices. • Continuous Improvement: Contribute to enhancing Prolexic's detection capabilities and response procedures. • Escalation Procedures: Document clear escalation paths for critical incidents. • Playbooks: Develop and maintain incident response playbooks for common scenarios. • Collaboration: Work closely with L1 and L2 analysts, as well as other Network & Security teams. • Metrics and KPIs: Track and report on SOC performance metrics (e.g., mean time to detect, mean time to respond). Email resumes to swati.shah@clearliteinc.com

If I know any Splunk Architects/Splunk Consultants out there with previous SOC experience (I know we are few and far between), my company has an opening I am very familiar with. Tl;dr job details: - TS/SCI Required - Splunk Certified Architect is required, Splunk Consultant preferred. If you have Architect, you will be provided the training and time to get Consultant and have to get it in six months from starting. - Initially the position is 100% on-site in Quantico, but will move to two days on-site and three WFH after all hardware/accounts/access have been acquired (estimated 30 days on the job). - This a Splunk Professional Services engagement for a customer as staff augmentation. The current workload involves taking the customers existing multi-enclave Splunk instances and doing data ingest, scaling the deployments out of the initial testing phase to production, and working hand in hand with the SOC on cyber security use cases. - Power User style experiences a plus. Customer likes dashboards and reports but doesn’t have a lot of requirements yet. Easy way to get customer kudos. Please ask me any questions, as I know the role very well. I am NOT a recruiter, merely trying to help both my company and the customer staff this. So I’ll be 100% honest with you about it, and can put you in touch with our recruiters if you’re ready for a move. Nothing should stand in the way of making our government more secure, and on this engagement you’d have a direct role in helping this customer do just that.

SIEM rules if you don't follow, your SOC will be in trouble very soon: 1- If you are not fine-tuning the detection rules on daily basis. 2- Not filtering out noisy logs at all. 3- Not exercising caution while filtering out logs 4- Not ensuring proper sizing of storage. 5- Onboarding logs without planning 6- Onboarding logs without parsing and fields extractions 7- Enabling out-of-the-box detection rules without proper understanding and customization. 8- Not hiring a skilled SIEM admin. 9- Not hiring skilled dedicated detection engineers 10- Not conducting necessary health check on all SIEM components periodically.

Good Opportunity

Highly recommended opportunity at a highly recommended company! Benefits include "generous equity". It's a good time to get on board, now more than ever. 🚀 📈 #IAM #Identity #AccessManagement #MobileSecurity iVerify Rocky Cole #opportunity #hiring #cybersecurity #informationsecurity #Engineer #generous #equity