Network Security Engineer L1/L2 (Checkpoint, Paloalto)

Role Overview: As a Network Security Engineer based in Mumbai, you will serve as an L1 Security Monitoring Engineer, acting as the first responder for 24/7 security system monitoring. Your primary responsibility will involve monitoring and analyzing alerts related to firewalls, anti-DDoS, malware proxy, and sandboxing technologies. Your role is crucial in performing initial triage, escalating confirmed security incidents, and contributing to the organization's overall security posture. Key Responsibilities: - Perform initial triage on all security alerts to assess severity and authenticity, distinguishing between false positives and legitimate security threats. - Monitor and analyze alerts from IPS Check Point products, proactively identifying and investigating potential network intrusions and malicious traffic patterns. - Analyze reports from Palo Alto malware sandboxing to determine the malicious nature of files, understand their behavior, and identify affected systems. - Monitor traffic anomalies and alerts from NetScout perimeter DDoS tools to detect and analyze distributed denial-of-service attacks against the network. - Investigate and document all security incidents and events, meticulously recording key details such as the event's nature, affected assets, and actions taken. - Escalate confirmed security incidents and complex issues to Level 2/3 analysts or relevant support teams, providing detailed handovers for efficient resolution. - Follow established incident response procedures for handling standard security events, ensuring timely and effective responses. - Update and maintain security incident records in the ticketing system, ensuring all information is accurate and up to date. - Install application patches and signed software updates to enhance performance, functionality, and security standards. This includes performing scans, managing systems, and updating plugins and patches. - Maintain an inventory of Cyber Security assets within the specified scope, updating a database with details related to OS, databases, webservers, applications, and IP addresses for all Security Solutions. Qualification Required: - Bachelor's degree in Computer Science, Information Technology, or a related field. - Relevant certifications such as CISSP, CEH, or similar will be advantageous. - Strong analytical skills with the ability to differentiate between false positives and security threats. - Experience with IPS Check Point products, Palo Alto malware sandboxing, and NetScout perimeter DDoS tools. - Familiarity with incident response procedures and security incident record management. - Proficiency in installing application patches, software updates, and maintaining security standards. - Excellent communication skills for effective escalation and collaboration with different levels of analysts and support teams. Role Overview: As a Network Security Engineer based in Mumbai, you will serve as an L1 Security Monitoring Engineer, acting as the first responder for 24/7 security system monitoring. Your primary responsibility will involve monitoring and analyzing alerts related to firewalls, anti-DDoS, malware proxy, and sandboxing technologies. Your role is crucial in performing initial triage, escalating confirmed security incidents, and contributing to the organization's overall security posture. Key Responsibilities: - Perform initial triage on all security alerts to assess severity and authenticity, distinguishing between false positives and legitimate security threats. - Monitor and analyze alerts from IPS Check Point products, proactively identifying and investigating potential network intrusions and malicious traffic patterns. - Analyze reports from Palo Alto malware sandboxing to determine the malicious nature of files, understand their behavior, and identify affected systems. - Monitor traffic anomalies and alerts from NetScout perimeter DDoS tools to detect and analyze distributed denial-of-service attacks against the network. - Investigate and document all security incidents and events, meticulously recording key details such as the event's nature, affected assets, and actions taken. - Escalate confirmed security incidents and complex issues to Level 2/3 analysts or relevant support teams, providing detailed handovers for efficient resolution. - Follow established incident response procedures for handling standard security events, ensuring timely and effective responses. - Update and maintain security incident records in the ticketing system, ensuring all information is accurate and up to date. - Install application patches and signed software updates to enhance performance, functionality, and security standards. This includes performing scans, managing systems, and updating plugins and patches. - Maintain an inventory of Cyber Security assets within the specified scope, updating a database with details related to OS, databases, webservers, applications, and IP addresses for all Security Solutions. Qua