Information Security Lead
Maintain compliance with ISO 27001 and PCI-DSS
- Implementing and managing policies on Cloud Proxy (Zscaler) and other cloud infrastructure.
- Analyze typical threat actor profiles and the typical indicators associated with those profiles, and synthesize the two to develop innovative techniques to detect threat actor activity.
- Demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups, and both state and non-state sponsored threat actors.
- Analyze available data sources, security tools, and threat trends, and lead security monitoring and analysis techniques to identify attacks against the enterprise.
- Analyze logs, normalize them, and perform automated log correlation using big data analysis or hunt tools to identify anomalous and potentially malicious behavior.
- Digital forensics on host or network from a malware perspective; ability to identify anomalous behavior on network or endpoint devices.
- Fine-tuning information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security, and security monitoring solutions (NSM, DLP, Insider, etc.).
- Preparing SOPs for the blue team; performing POCs for new products.
- Tools & Technology: RSA SA, Splunk, Palo Alto, CyberArk, Darktrace, CrowdStrike, Zscaler, EnCase, RSA Archer, ServiceNow