JobNob

SecOps Engineer

ATMECS Technologies Pvt., Ltd.

Location: Coimbatore | India


Job description

Job Title: Security Operations (SECOPS) and Security Information and Event Management (SIEM)
Location: Coimbatore
Experience: 4-6 years

Position Summary

Security Operations (SECOPS) and Security Information and Event Management (SIEM) are critical components of an organization's cybersecurity infrastructure. To effectively manage a SIEM solution and perform security operations, administrators need a specific skill set. The following skills and knowledge areas are important for SECOPS SIEM administrators:

1. Cybersecurity Fundamentals: A strong foundation in cybersecurity concepts, including threat landscapes, attack vectors, and best practices, is essential.
2. SIEM Platforms: Proficiency in working with SIEM platforms such as Splunk, ELK Stack (Elasticsearch, Logstash, Kibana), IBM QRadar, or others.
3. Log Analysis: The ability to collect, parse, and analyze logs from various sources (network devices, servers, applications) to identify security incidents.
4. Incident Response: Knowledge of incident response procedures, including how to investigate and mitigate security incidents effectively.
5. Threat Intelligence: Staying up to date with the latest threat intelligence and understanding how to integrate it into SIEM solutions to improve threat detection.
6. Security Policies and Compliance: Understanding security policies and compliance standards (e.g., PCI DSS, HIPAA), and the ability to configure SIEM systems to monitor for policy violations.
7. Network and System Administration: A solid understanding of network and system administration is crucial for configuring and maintaining SIEM solutions.
8. Programming and Scripting: Proficiency in programming languages (e.g., Python, PowerShell) for customizing and automating SIEM tasks.
9. Query Language: The ability to write complex queries using SIEM query languages (e.g., Splunk SPL, Elasticsearch DSL) to extract relevant information from logs.
10. Data Normalization: Skill in data normalization to standardize data from diverse sources for efficient analysis.
11. User and Entity Behavior Analytics (UEBA): Familiarity with UEBA tools and techniques for identifying anomalous behavior and potential insider threats.
12. Threat Hunting: Proactive threat hunting skills to search for security threats that may not be detected by automated SIEM rules.
13. Integration: Knowledge of integrating SIEM with other security tools and systems, such as firewalls, IDS/IPS, antivirus, and endpoint detection and response (EDR) solutions.
14. Security Knowledge: Staying informed about the latest security vulnerabilities, exploits, and emerging threats.
15. Communication and Documentation: Strong communication skills for reporting security incidents and vulnerabilities to stakeholders, and the ability to document incident response procedures and policies.
16. Critical Thinking and Problem-Solving: The ability to think critically and solve complex security issues effectively and efficiently.
17. Adaptability: The cybersecurity landscape is constantly evolving, so the ability to adapt to new technologies and threats is crucial.
18. Team Collaboration: Working effectively in a team, as security operations often require cooperation between different departments and personnel.
19. Certifications: Earning relevant certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), and vendor-specific SIEM certifications, can validate your skills and knowledge.

It is important to note that SECOPS SIEM administrators should continuously update their skills and knowledge to stay ahead of evolving security threats and technologies. Additionally, the specific skills required may vary depending on the organization's SIEM platform and its unique security needs.
