Security 24X7 L1

Primary Skills

Role Overview : Responsible for continuous 24×7 monitoring, detection, investigation, escalation, and resolution of security incidents across UBP's in-scope security environment, ensuring SLA adherence, regulatory compliance, and operational stability.

Key Responsibilities

• 24×7 real-time monitoring of security alerts
• Incident classification, investigation, containment, and resolution
• Ticket handling using Remedy and ServiceNow
• Timely escalation as per defined escalation matrix
• Coordination with internal teams and vendors
• Participation in incident bridges and shift handovers
• Contribution to RCA and corrective actions

1. Technical Skills

• Basic understanding of firewall and network security concepts (FortiGate, Palo Alto)
• Hands-on experience with security monitoring tools and dashboards
• Ability to analyze security alerts, logs, and events
• Working knowledge of cloud security fundamentals (AWS and Azure)
• Familiarity with SIEM/SOC operations and alert handling
• Experience using Remedy and ServiceNow for incident and ticket management

1. Operational Skills

• 24×7 shift-based operations and incident handling
• Incident classification, prioritization, and escalation
• Accurate documentation and ticket updates
• Adherence to SOPs, SLAs, and escalation matrices

1. Behavioral Skills

• Strong communication skills during incidents
• Ability to work under pressure in a live production environment
• Team collaboration and willingness to learn
• Attention to detail and compliance mindset

Required Skills & Qualifications

Strong knowledge of:

• BSP regulatory framework (Outsourcing, Operational Resilience, IT Risk)
• IT Governance, Risk Management, and Compliance frameworks
• Vendor governance and third‑party risk management

Experience

• 3–5 years of experience in GRC, IT Risk, Compliance, Audit, or Cybersecurity.
• Experience in BFSI or similar highly regulated industry preferred.

Tools / skills required,

24/7 Tools

1. FortiAnalyzer/Fortigate - checking of logs/traffic
2. Palo Alto Panorama - blocking, checking of logs/traffic
3. F5 BIG‑IP Advanced WAF used for traffic swing & toggling of nodes
4. BeyondTrust - account management
5. Akamai - blocking & monitoring of traffic
6. Nagios - security tools/host monitoring
7. LDAP - account management
8. Microsoft Azure - account management
9. Active Directory - account management
10. Microsoft 365 - account management
11. EPO/MacAfee - old tools for usb & pcidss
12. Trellix - for usb & pcidss
13. CrowdStrike - VA scanning
14. Tenable - VA scanning
15. Qualys - previously used for VA scanning
16. Sygnia/Velocity - security tools alerts
17. Remedy/ServiceNow - ticketing system
18. Amazon SES - for health check monitoring, read only
19. Bitly - qr & url shortening