ABOUT COMPANY

Our Story

The ultra-connected world of today has changed our lives beyond measure. Digital progress has made lives easier and businesses more efficient. However, technological progress also brings many new threats and challenges. We are transforming the cyber security landscape through a complete range of state-of-the-art services and solutions for governments, businesses and individuals.

Founded in Dubai, UAE, with offices in Bangalore and associations worldwide, GreenSentries is a team of highly experienced and skilled cyber security specialists dedicated to providing secure, trusted and integrated protection services. We are engaged in multifaceted research to roll out future-ready solutions in information security, Internet of Things (IoT) protection and industrial control systems (ICS) protection.

Careers

GreenSentries creates future-ready products and services in information security. Our unique offerings constantly push boundaries and nurture innovation.

At GreenSentries we are focused on people, and we are always on the lookout for the right people to join our expanding team of technology and business professionals. Ensuring our workforce reflects the diversity of modern society is a key commitment for us, so here at GreenSentries equality in the workplace is simply part of what we do.

Are you a self-motivated professional? Are you excited to be part of an agile and fast-growing global company? Talk to us today. Please drop us an e-mail and we will get back to you soon.

MSSP ARCHITECT & LEAD SME JOB DESCRIPTION

EXPERIENCE: 10-12 YEARS

  • Lead the design, documentation and implementation of SOC processes and procedures for the Security Operations Center (including but not limited to use cases, indicators of compromise, kill chains, run books, operational procedures etc.).
  • Work with lead architects to agree, document and implement security event notification and remediation processes and procedures.
  • Design, document and implement security incident management processes and procedures within the SOC team and wider stakeholder groups.
  • Develop and implement SLAs and OLAs for the SOC team and managed security service providers (internal and external).
  • Liaise with Managed Security Service Providers (internal and external) to gain agreement and sign-off of the SLAs and OLAs.
  • Lead the parallel configuration of the SIEM and other security infrastructure to ensure that the use cases, processes and procedures are appropriately supported and automated by the relevant solutions and able to provide the SOC analysts with the requisite data.
  • Previous experience in architecting, designing and implementing a complete MSSP infrastructure.
  • Help the organization understand customer requirements and propose solutions for them.
  • Mentor and guide fellow security analysts.
  • Ability to handle escalations and high-pressure environments.
  • Working knowledge of open source security tools such as Snort, Nmap, OpenVAS, Nagios, Wireshark, Nessus, NFDump and ntop.
  • Working knowledge of various security methodologies and processes.
  • Experience configuring and implementing security solutions (firewalls, IDS, OSSIM / LM / SIEM etc.).
  • Knowledge of TCP/IP protocols and analysis.
  • Excellent customer interface skills.
  • Strong oral and written communication skills for explaining complex procedures.
  • Ability to communicate in a professional, friendly and effective manner.
  • Knowledge of common Internet protocols and applications.
  • Programming / shell scripting experience highly desirable (Perl, Java, shell scripts etc.).
  • Extensive troubleshooting skills in appliance installation, deployment and usage in a complex network environment.
  • Previous customer-facing role (sales engineering, customer service, support etc.).
  • Strong collaborator, solutions-oriented and team-focused.
  • High-energy person with an extremely positive attitude.

TECHNICAL SKILLS:

  • Significant experience with MSSP infrastructure design, configuration and use
  • Significant security device management experience (including, firewalls, IDS, internet filters, vulnerability scanners etc.)
  • Familiarity with Cisco ASA, Cisco IPS, VM, Tenable SC, Nessus, Websense and Snort is a plus.

RELEVANT PROFESSIONAL QUALIFICATIONS:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Ethical Hacker (CEH)
  • Global Information Assurance Certifications (GIAC), e.g. Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIA), Certified Enterprise Defender (GCED)

SOC MANAGER JOB DESCRIPTION

  • Experience in a global delivery operations support model (e.g. 24x7 / 16x8).
  • Primarily responsible for security event monitoring, management and response for MSSP clients.
  • Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
  • Ensure compliance with SLAs, process adherence and process improvement to achieve operational objectives.
  • Revise and develop processes to strengthen the current Security Operations framework; review policies and highlight the challenges in managing SLAs.
  • Responsible for team and vendor management, overall use of resources and initiation of corrective action where required for the Security Operations Centre.
  • Should have experience in developing SOC documents such as SLA, Service Schedule, SMF etc.
  • Should have managed a team of at least 8 to 10 professionals, including performance management.
  • Should have experience in mentoring professionals in technical subject matter as well as professional growth.
  • Should have experience in service delivery capacity planning, resource management and service level optimization.
  • Should have experience in establishing and managing quality processes and measurement metrics (KPIs) for information security operational services.
  • Should have good knowledge of industry-standard service delivery and management process frameworks such as ITIL.
  • Should have experience in leading IT security operational meetings with key internal and client stakeholders, e.g. participation in CAB meetings, periodic IT security operational meetings etc.
  • Should have experience in leading security incident response and handling, such as security device outages, breaches, worm/virus outbreaks etc.
  • Should have experience in knowledge base development and management.
  • Should have deep technical experience in monitoring, troubleshooting and management of security tools and technologies such as SIEM, firewalls, content filtering systems, intrusion detection and prevention systems, antivirus, threat management solutions, data loss protection, vulnerability management solutions, SLB/proxy etc.
  • Should have experience in maintaining and managing security configurations for network devices and servers. Experience with automated configuration and change management tools is desired.
  • Should have good knowledge of various network and server platforms.
  • Ability to create technical documentation related to the day-to-day operations and deliverables of the SOC.

TECHNICAL SKILLS:

  • Proficient in Incident Management and Response
  • Experience in security device management and SIEM
  • In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
  • Experience in threat management
  • Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix
  • Knowledge of applications, databases, middleware to address security threats against the same.
  • Proficient in preparation of reports, dashboards and documentation
  • Excellent communication and leadership skills
  • Experience in performing vendor management
  • Good analytical, problem-solving and interpersonal skills

QUALIFICATION:

Must hold a BE (IT) / B.Tech (Computers) degree and possess at least two security certifications, preferably from the following:

  • ECSA
  • CISSP
  • GCIH
  • GSEC

SECURITY ANALYST JOB DESCRIPTION

TOOLS & TECHNOLOGIES:

  • Various FOSS (Free and Open Source Software)
  • IDS/IPS
  • NetFlow and protocol collection and analysis tools such as:
    • Snort
    • Suricata
    • Bro
    • Argus
    • SiLK
    • tcpdump
    • Wireshark

PROTOCOL EXPOSURE:

  • TCP/IP or OSI network protocol stack
  • IP
  • Internet Control Message Protocol (ICMP)
  • TCP
  • User Datagram Protocol (UDP)
  • Simple Mail Transfer Protocol (SMTP)
  • Post Office Protocol 3 (POP3)
  • Hypertext Transfer Protocol (HTTP)
  • File Transfer Protocol (FTP)
  • SSH
  • Cryptography and hash algorithms
    • Advanced Encryption Standard (AES)
    • Rivest, Shamir and Adleman (RSA)
    • Message Digest Algorithm 5 (MD5)
    • Secure Hash Algorithm (SHA)
  • Kerberos
  • Secure Sockets Layer / Transport Layer Security (SSL/TLS)
  • Diffie-Hellman
  • Security engineering and architecture work: analysis and engineering of the security features of large, distributed systems
  • Experience with any NIDS/NIPS or HIDS/HIPS tools
  • Experience working with various log aggregation and SIEM tools such as ArcSight, McAfee ESM or Splunk
  • Experience with vulnerability assessment and penetration testing tools such as Metasploit, CORE Impact, Immunity CANVAS or Kali Linux
  • Experience with programming and scripting languages and text manipulation tools, most notably Perl, but also including sed, awk, grep, Ruby and Python
  • Knowledge of Windows and other OS internals and popular file systems, and experience with media forensics and analysis tools such as
    • AccessData FTK
    • EnCase Forensic
  • Experience in Linux/UNIX system administration, along with network (router and switch), web server, firewall or DNS administration

SOFT SKILLS:

  • Written and oral communication
  • Ability to thrive on high ops tempo, high-stress environments
  • Strong team player
  • Ability to provide on-the-job training and knowledge sharing to other analysts
  • Self-initiative with strong time management
  • Solid sense of integrity and identification with the mission

CERTIFICATIONS:

  • MCSE, CEH, ECSA, SSCP, Security+ for Windows security analysts
  • RHCE, CEH, ECSA, SSCP, Security+, shell scripting for Linux/Unix security analysts
  • Cisco Security / Check Point security certification plus CEH, ECSA, SSCP, Security+ for network security analysts
  • CISSP with real SOC management experience, documentation, ISO 27K, RHCE, CEH, ECSA, SSCP for SOC managers

LEVEL 1 SECURITY ANALYST JOB DESCRIPTION

  • Sound working knowledge of SIEM platforms such as Splunk, RSA Security Analytics, HP ArcSight, IBM QRadar and RSA enVision.
  • Experience in log analytics based on user behavior analytics.
  • Experience in integrating log sources with Splunk, RSA Security Analytics, HP ArcSight, IBM QRadar and RSA enVision platforms.
  • Capture requirements for security use cases under the various categories.
  • Experience in the design and development of use cases.
  • Simulate log sources and test security use cases in a test environment.
  • Designing and building the correlation engine.
  • Designing and configuring case management.
  • Experience in requirements gathering and use case development on Splunk, RSA Security Analytics, HP ArcSight, IBM QRadar, RSA enVision or similar platforms.
  • Strong understanding of networking fundamentals, traffic and operating systems (Windows and Unix/Linux).
  • IT security domain experience, preferably in data analytics or security analytics; hands-on experience with access/event intelligence, log management, vulnerability analysis and IAM.
  • Enterprise software installation experience.
  • Consultative skills and the ability to analyze complex issues for impact and alternative solutions, making logical decisions based on overall project objectives.
  • Ability to quickly adapt to and master new technology, and good written and verbal communication skills (English).
LEVEL 2 SECURITY ANALYST JOB DESCRIPTION

  • Experienced in managing multiple SOC customers.
  • Strong knowledge and troubleshooting of SIEM technologies such as QRadar, ArcSight, RSA enVision etc.
  • Use strong TCP/IP networking skills to perform network troubleshooting to isolate and diagnose common network problems.
  • Respond to the needs and questions of customers concerning their access to network resources through their managed device.
  • Resolve problems independently and understand the escalation procedure.
  • Interface with onsite staff and clients to understand quality aspects and expectations, as needed.
  • Collaborate effectively with local team members and offshore staff to create best-practice processes.
  • Proven knowledge and expertise in SIEM administration tasks, including troubleshooting of the various SIEM components.
  • Knowledge and experience of security products such as firewalls, DLP and next-generation devices is an added plus.
  • Experience in event monitoring, correlation, event analysis, investigation and remediation of security events.
  • Experience in designing and implementing a security incident management process.
  • Good knowledge of various security technologies.
  • Knowledge of TCP/IP protocols and analysis.
  • Responsible for creating rules, filters, active channels, queries, trends and all other informational content based on use cases.
  • Responsible for developing, implementing, maintaining and executing standard content development practices for the SIEM platform.
  • Responsible for working with business unit SMEs on use cases and for creating correlation rules and content relevant to that business unit.
  • Responsible for communicating and collaborating with security operations center analysts to optimize HP ArcSight performance to better meet the needs of operations.
  • Responsible for tuning correlation rules and event data quality to maximize SIEM system efficiency.
  • Responsible for providing support recommendations and optimization for the SIEM platform.
  • Relevant professional experience including working knowledge or high-level awareness of the following technologies:
    • Log management and SIEM (e.g. Splunk, IBM QRadar, HP ArcSight etc.)
    • Firewalls (e.g. Palo Alto Networks, Check Point, Cisco ASA, Juniper SSG, pfSense etc.)
    • Routers (e.g. Cisco, Juniper etc.)
    • Network analysis tools (e.g. NetWitness, Wireshark etc.)
    • System analysis and forensic tools (e.g. FTK, EnCase etc.)
    • Endpoint security (e.g. Bit9, Carbon Black, Symantec, McAfee, Forefront etc.)
    • Windows management (e.g. WSUS, SCCM, SCOM, Active Directory, Group Policy Objects etc.)
    • Vulnerability management (e.g. Nexpose, Tenable Nessus etc.)
    • Penetration testing tools (e.g. Metasploit, BackTrack, Kali etc.)
    • Operating systems (e.g. Windows Server 2008/2012, CentOS Linux, OS X etc.)
    • Enterprise Microsoft solutions (e.g. Exchange, SharePoint, Lync etc.)
    • Regulatory regimes (e.g. ISO 27K, SSAE 16, HIPAA, PCI, FISMA etc.)
    • Internet policy enforcement, web content filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions
    • CISSP / CISA / CEH / ECSA / CHFI or other information security certifications

Contact Us

ADDRESS

GreenSentries DMCC
Office #406, 1 Lake Plaza, T Cluster, JLT,
Dubai, UAE
Ph: +971557391463
Email: info@greensentries.com