SBI - Deputy Manager - Security Analyst (5-8 yrs)
RECRUITMENT OF SPECIALIST CADRE OFFICERS IN STATE BANK OF INDIA ON REGULAR BASIS ADVERTISEMENT No. CRPD/SCO/2020-21/29
State Bank of India invites online applications from Indian citizens for appointment to the following Specialist Cadre Officer posts on a regular basis. Candidates are requested to apply online through the link given on the Bank's website https://bank.sbi/web/careers or https://www.sbi.co.in/web/careers
- Candidates are advised to check Bank's website https://bank.sbi/web/careers or https://www.sbi.co.in/web/careers regularly for details and updates (including the list of qualified candidates).
- The Call letter for online Examination and "Acquaint Yourself" booklet should be downloaded by entering registration number and password/date of birth from the Bank's website. Call letter for interview, where required, will be sent by e-mail only (No hard copy will be sent).
Post : Deputy Manager (Security Analyst)
Grade : MMGS-II
Selection Procedure : Online Written Test & Interview
Place of Posting : Mumbai OR Navi Mumbai
Educational Qualification :
Basic Qualification (Compulsory):
BE / BTech (in Computer Science & Engineering/ Computer Science/Information Technology/Electronics & Communications) OR MCA/ MSc (Computer Science)/ MSc(IT) from recognized university
i) MTech in Cyber Security/Cyber Forensics/Information Technology
ii) CEH/CISA/CISM/CRISK/CISSP/ISO 27001 LA
iii) SOC security technology certifications from OEM like SIEM/UEBA/SOAR/VM/DAM/PCAP/NBA
Post Basic Qualification Work Experience & Specific Skills :
- Minimum 5 years' post basic qualification experience as on 31.10.2020 in IT / IT Security / Information Security in Banking, financial services and insurance (BFSI)/ Non-Banking Financial Company (NBFC)/ Financial technology (FinTech)/renowned MNCs.
Note: Training & Teaching experience will not be counted for eligibility
Specific Skill (Preferred):
- Understanding of IT Security technologies like Firewalls, IPS, WAF, AV, AD, DLP, LB, PIMS, ITAM, IAM, RASP, VPN, EDR, Anti-APT and networking protocols & technologies like routers, switches, SDN to utilise the same for log correlation
- Understanding of emerging technologies like AI/ML, blockchain, RPA, IOT, Cloud
- System admin knowledge (Windows/Linux)
- Understanding of IT Infrastructure technologies and architecture to utilise the same for SOC fine-tuning
- SIEM - Event Analysis, Rule creation, automation, Asset Integration
- Vulnerability Management and penetration testing, OWASP Vulnerabilities and application security risks
- User & Network Behaviour Analysis, packet-capture and packet flows analysis
- Database Activity Monitoring, security policy creations and database integrations.
- Understanding of log decoding / parsing & correlation techniques, correlation of logs across IT technologies for incident creation, dash-boarding, threat hunting for IOCs and leveraging threat intelligence etc.
- Programming knowledge - Python/Perl/shell/PHP
Job Profile & KRA in Brief :
1. Be a L2 level personnel resource in various shifts of SOC to monitor, identify, investigate and respond to security incidents. Directly responsible as an individual contributor in allotted areas.
2. Analysis of false-positive incidents and fine-tuning of rules/policies.
3. IT Asset integration with SOC security tools like SIEM, DAM, NBA etc
4. Threat hunting, Incident Management and Forensics analysis.
5. Automation of routine SOC L1 & L2 activities
6. Understanding of cyber-attack tools, techniques and procedures; perform analysis of security logs to detect unauthorized behaviour and activities.
7. Review of asset discovery and vulnerability assessment data.
8. Monitor resource utilisation of SOC systems for capacity planning, upgrades and overall system health.
9. Review of vulnerability & penetration testing, vulnerability closure, coordination, follow-up and escalation with the asset owners.
10. Troubleshooting of OS, network, software issues related to asset integration, vulnerability assessment etc
11. Guide L1 personnel resource in above areas.
12. Closely collaborate with stakeholders in IT and others for day to day SOC related operations