General Information

Req #: WD00033968
Career area: Services
Country/Region: India
State: Karnataka
City: BANGALORE
Date: Tuesday, November 8, 2022
Working time: Full-time
Additional Locations: BANGALORE - Karnataka - India

Why Work at Lenovo

Here at Lenovo, we believe in smarter technology that builds a brighter, more sustainable and inclusive future for our customers, colleagues, communities, and the planet.

And we go big. No, not big—huge.

We’re not just a US$70 billion revenue Fortune Global 500 company, we’re one of Fortune’s Most Admired. We’re transforming the world through intelligent transformation, offering the world’s most complete portfolio of smart devices, infrastructure, and solutions. With more than 71,500 employees doing business in 180 markets, we help millions—not just the select few—experience our version of a smarter future.

The one thing that’s missing? Well… you...

Description and Requirements

Experience & Skills:

  • Education: Bachelor’s degree or equivalent in technology is preferred.
  • Experience: Minimum of 8+ years of relevant experience in IT Infrastructure Support with SIEM tools, preferably across multiple client and technology landscapes (Windows Server, Unix, Linux).
  • Strong knowledge of Security Operations Center (SOC).
  • Previous experience in design and implementation of SIEM (Splunk, QRadar, ArcSight etc.) solutions.
  • Required: experience in administering or monitoring detection/security tools: SIEM, EDR, Endpoint Protection, IPS/IDS, DLP, Cloud Security (GCP, AWS, Azure), Identity and Access Management, Firewalls and Networking.
  • Strong knowledge of troubleshooting, client relations, and cybersecurity principles. Ability to implement a plan to address and mitigate security vulnerabilities.
  • Excellent experience in threat intelligence and network forensics.
  • Experience with a variety of other security devices found in a SOC environment.
  • Experience in supporting large/medium Managed Services accounts.
  • Strong knowledge of firewalls, IDS/IPS, AV/EDR, Proxy, DNS, email, AD, etc.
  • Solid understanding of the log formats of various security devices such as Proxy, Firewall, IDS/IPS, DNS.
  • Strong Understanding of network architecture.
  • Solid understanding of current trends in attacker and threat actor tools, techniques, and procedures (TTPs) and mitigation steps.
  • Core understanding of possible attack activities such as network probing/scanning, DDoS, etc.
  • Relevant expert-level technical certifications (Security+, CEH, CISSP, CISM, etc.)
  • Strong problem-solving and analytical skills, initiative, eagerness to learn and improve, and ability to work independently within a team structure
  • Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously
  • Good understanding of ITIL (Information Technology Infrastructure Library) principles
  • Excellent command of verbal and written English
  • Experience with various service delivery technical tools
  • Good Communication and presentation skills
  • Persistent, detail-oriented, able to multitask
  • Ability to work for a large organization in a complex and heterogeneous IT environment
  • Ability to work across Geographies and multi-cultural environments.
  • Experience in working with both physical and virtual teams

Job Deliverables:

  • Investigate triaged events and incidents at L3 level using SIEM technologies.
  • Support and lead security incident response in a cross-functional collaboration environment driving towards incident resolution
  • Acknowledge, analyze, and validate incidents triggered from correlated events through various SIEM tools used in SOC operation.
  • Handle technical escalations and crisis management.
  • Lead technical transition of Cyber security technologies for new FMS customers.
  • Prepare / approve the technical SOPs for SIEM tools for managed services and implementation services.
  • Escalate issues to the OEM support team and obtain solutions from them.
  • Design, Implementation and troubleshooting of SIEM solutions.
  • Assist pre-sales with SIEM sizing, Architecture, RFPs and client technical meetings.
  • Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices.
  • SIEM tool migration - (Platform Migration / DB to DB Migration).
  • SIEM tool upgrade & patching.
  • Task Automation using Scripts.
  • Plan and lead activities from pre to post. Create POA with all required details.
  • Design, implementation & Troubleshooting of SIEM tool & Database Backup and restore - (Using native tools & Backup solutions).
  • SIEM tool auditing & Performance tuning.
  • Responsible to mentor the L1/L2 team to build an appropriate support capability in line with the service offerings and customer technology landscape.
  • Keeping up to date with technology trends and developments.
  • Work closely with service delivery team and ensure the agreed KPIs with customers are met.
  • Prepare RCAs and technical analyses on time for all P1 tickets and critical issues, and as needed.
  • Provide feedback on necessary improvements and process re-engineering to Technical Domain Leads.
  • Identifying risks and forming contingency plans as soon as possible.
  • Provide accurate and regular reports to management on the performance of the Domain Engineers.
  • Provide technical feedback to L2/L1 to improve individual performance and overall service delivery.
  • Always ensure customer satisfaction
