Report this Job
Hi,
We have immediate openings forWe have immediate openings for"SIEM - Splunk ContentDevelopers"for one of our Premier Clients.
Please mail your CV with CTC and Notice Period details to(e-mail removed)or send it by WhatsApp to 9980386727.
PFB, the detailed JD of this opening.
Job Locations : Bangalore, Hyderabad, Chennai, Pune, Mumbai
Nature of Employment : Permanent.
Qualification:Bachelor's Degree.
Position : SIEM - Splunk Content Developer.
Requisites :
content development engineer or L2 level SOC SIEM engineer with hands-on experience in developing new rules, use cases based on various log sources including Cloud Security log sources and integrating various log sources with SIEM Platform.
Creating and implementing new threat detection content, rules and use cases to deploy in SIEM platform with different data sets like Proxy, VPN, Firewall, DLP, etc.
Assisting with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions.
Developing custom content based on threat intelligence and threat hunting results.
Identifying gaps in the existing security controls and / new security controls.
SIEM Engineering and knowledge of integrating various log sources with any SIEM platform.
Custom parsing of logs being ingested into the SIEM Platform.
Job Requirements:
3+ years of experience working in the field of Content development and experience in delivering and/or building content on any of the SIEM tools like Splunk/Arcsight /QRadar/Nitro ESM/etc.
Deep understanding of MITRE ATT&CK Framework.
Experience in SOC Incident analysis with an exposure to information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, EDR and cloud security tools.
Experience interpreting, searching, and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow, and automation).
Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deployment of content.
Experience on EDR tools like Crowdstrike and good understanding on TTPs like Process Injection.
- Chronicle Backstory/ YARA / Crowdstrike rules is a plus.
CTC : Upto 32 Lakhs p.a.
If the Job profile interests you, please mail CV answering the queries below.
1) Educational Qualification?
2) SIEM Splunk Experience in Years?
3) Present Employer and Location
4) Preferred Location?
5) Present and Expected CTC
6) Notice Period / Lead time to join from the offer date?
7) Available for Virtual Interviews ?
8) Contact Number
9) Email ID
Thanks & Regards
Shivakumar BK,99803 86727
Lead Recruiter
Gyan n Gigs Pvt Ltd
<(e-mail removed)>
Gyan n Gigs Consulting LLP
