General Purpose
The candidate is responsible for the design, implementation, and operational success of a SIEM Engineering team within Managed Security Services. This includes managing the people, processes, and technologies required to deliver an efficient and effective SIEM Engineering service while supporting multiple clients across several SIEM technologies.
Qualification
Candidates with a Bachelor's degree and certification preferred
Excellent and effective communication skills
Ready to work in 24x7 shifts
CISSP, CISM, or other managerial level information security certification
Tasks and Responsibilities
Creating playbooks to implement SOAR
Implementing use cases and log management
Creating workbooks to implement dashboards and apps
Following up with the client on ticket closure and on any enhancements to existing cyber security measures
Identifying potential threats and performing enhancements to existing cyber security measures as per specifications or policy guidelines
When a security incident is declared, executing the incident response process and documenting it
Operating the console of security information and event management (SIEM) tools
Reading scripts and modifying and debugging programs
Developing custom parsers to parse logs from different sources, including firewalls, operating systems, applications, etc.
Working on various operating systems and platforms
Working with word processors, spreadsheets, and presentations
Technical skills required:
Hands-on experience with Kusto Query Language (KQL) - IMPORTANT
Information security skills and experience with SIEM technologies, especially Azure Sentinel, and with other technologies associated with SIEM (IDS/IPS, routers/switches, network and application layer firewalls, log aggregators, etc.)
Experience with SIEM solutions such as Splunk or HP ArcSight
Infoways