or email this job to apply later

General Purpose

Candidate is responsible for the design, implementation, and operational success of a SIEM Engineering team within Managed Security Services. This includes managing the people, processes, and technologies required to deliver an efficient and effective SIEM Engineering service while supporting multiple clients across several SIEM technologies.

Qualification

Candidates with Bachelor degree and certification preferred

Excellent and effective communication skills

Ready to work in 24*7 shifts

CISSP, CISM, or other managerial level information security certification

Tasks and Responsibilities

Creating playbooks to implement SOAR

Implementing use cases and log management

Creating workbooks to implement dashboards and apps

following-up for ticket closure with the client and any enhancements to existing cyber security measures.

The job also involves identifying potential threats and performing enhancements to existing cyber security measures as per specifications or policy guidelines.

When a security incident is declared they execute incident response process and document the same.

Operate the console of security information and event management tools (SIEM)

read coded scripts and modify and debug programs

develop custom parsers to parse logs from different sources including firewalls, operating systems, applications, etc.

work on various operating systems and platforms

work with word processors, spreadsheets, and presentations

Technical skills required:

Hands-on experience with Kusto Query language - IMPORTANT

Information security skills and experience with SIEM technologies especially Azure Sentinel and other technologies associated with SIEM (IDS/IPS, routers/switches, network and application layer firewalls, log aggregators, etc.)

Experience on SIEM solution like Splunk/HO ArcSight