Roles and Responsibilities

• Creating advanced co-relation rules, administration of SIEM, dashboard creation & rule finetuning.
• Perform the detailed and repeatable execution of all operational tasks as documented in SOC processes and subordinate procedures.
• Develop testing plans to ensure quality of implementation; coordinates and prepares the reporting of data security events and incidents.
• Develop and refine processes for the response and investigation of security incidents and participate in mitigation efforts.
• Provides system and network architecture support for information and network security technologies.

Required Qualifications/Skills

• Knowledge and hands-on experience with Splunk, LogRhythm, QRadar, Arcsight, Mcafee epo, NetIQ, Sentinel or any SIEM tool.
• Experience with Security Information Event Management (SIEM) tools.
• Should have expertise on TCP/IP network traffic and event log analysis.
• Knowledge on Incident, Problem and Change Management.
• Good Knowledge on Checkpoint, Fortigate, PaloAlto and Sonicwall firewalls would be an added advantage.
• Hands-on experience any ticketing tools like SericeNow, JIRA etc

Posted By