L1 Network Engineer

Job Description

Job summary

As an L1 Engineer you need to join our Network Security Operations team, specializing in Web Application Firewall (WAF) and SSL Orchestrator (SSLO) solutions. This is an entry-level position that involves monitoring, initial incident response, and routine maintenance of critical security infrastructure within a high-stakes banking environment. The ideal candidate is a fast learner with a basic understanding of network security concepts and a strong desire to build a career in cybersecurity. You must be prepared to work in a 24/7 shift-based environment to support our client's security needs.

Key Responsibilities

• Monitor WAF dashboards, logs, and alerts in real-time to detect threats like SQL injections, cross-site scripting (XSS), and DDoS attacks.
• Perform real-time monitoring of SSLO to ensure the proper decryption and inspection of encrypted traffic by security tools.
• Conduct daily health checks and status verifications of WAF and SSLO devices and report any hardware or performance issues.
• Assist in generating daily, weekly, and monthly reports on security incidents and performance trends.
• Work with other IT teams (e.g., Network, Server, and Application Support) to resolve security-related issues.
• Respond to security alerts by performing initial analysis and logging incidents or tickets in the ITSM system.
• Validate security events to differentiate between genuine threats and false positives based on standard operating procedures (SOPs).
• Escalate unresolved incidents to the L2/L3 security teams while providing accurate and detailed documentation.
• Maintain up-to-date and accurate records of incidents, changes, and standard operating procedures (SOPs).
• Install application patches and signed software updates in order to improve performance, enable additional functionality or enhance security standard including but not limited to Performing Scans, Management of the system, Updating of plugins and patches, etc.
• To maintain the inventory of entire assets of Cyber Security solutions as per scope of this RFP and maintain and update a database with respect to OS, Database, Webservers, Application details, IP addresses pertaining to all Security Solutions under scope of this RFP.
• Maintain IP addressing schemes, routing information, routes, routing tables, etc. for the Firewall operation.
  
  

Required Skills

[WAF, DNS]

Additional Information

Key Responsibilities

• Monitor WAF dashboards, logs, and alerts in real-time to detect threats like SQL injections, cross-site scripting (XSS), and DDoS attacks.
• Perform real-time monitoring of SSLO to ensure the proper decryption and inspection of encrypted traffic by security tools.
• Conduct daily health checks and status verifications of WAF and SSLO devices and report any hardware or performance issues.
• Assist in generating daily, weekly, and monthly reports on security incidents and performance trends.
• Work with other IT teams (e.g., Network, Server, and Application Support) to resolve security-related issues.
• Respond to security alerts by performing initial analysis and logging incidents or tickets in the ITSM system.
• Validate security events to differentiate between genuine threats and false positives based on standard operating procedures (SOPs).
• Escalate unresolved incidents to the L2/L3 security teams while providing accurate and detailed documentation.
• Maintain up-to-date and accurate records of incidents, changes, and standard operating procedures (SOPs).
• Install application patches and signed software updates in order to improve performance, enable additional functionality or enhance security standard including but not limited to Performing Scans, Management of the system, Updating of plugins and patches, etc.
• To maintain the inventory of entire assets of Cyber Security solutions as per scope of this RFP and maintain and update a database with respect to OS, Database, Webservers, Application details, IP addresses pertaining to all Security Solutions under scope of this RFP.
• Maintain IP addressing schemes, routing information, routes, routing tables, etc. for the Firewall operation.