HCLTech
Location
Noida | India
Job description
Summary: Seeking a resource for a SIEM platform administrator role to support SIEM services within the HCL Cyber Security Fusion Centre.

Must Have Skills:
SIEM platform administration experience, specifically with a cloud SIEM such as Microsoft Sentinel, SumoLogic, AlertLogic or Devo, or with an on-premises SIEM such as ArcSight, QRadar, LogRhythm, RSA or Splunk.
Experience with SIEM rule and use case development.
Basic knowledge of other security tools and technologies.
Basic Unix knowledge.

Good To Have Skills:
Prior SOC analyst role or other security platform management experience.
Knowledge of Python or another scripting language.
Experience with any SOAR platform.
Knowledge of the MITRE ATT&CK framework or the Cyber Kill Chain.

Job Requirements:
The resource will be responsible for log source integration with SIEM tools, which includes planning, providing configuration guidelines to other product admins and onboarding log sources into the SIEM.
Will be responsible for troubleshooting broken log sources by engaging the respective teams or the vendor, depending on the complexity of the issue.
Will be responsible for the upkeep of the platform, including all of its components and agents, by performing the required health checks.
Will perform basic to moderate troubleshooting of the SIEM platform.
Will assist the SOC team by developing SIEM rules and tuning them in line with security best practices.
Will work with one or more threat intelligence tools for integration with the SIEM and for rule creation.
Will support the SOAR admins with playbook and workflow automation.
Will develop weekly and monthly reports and presentations and run through them with customers and leaders for periodic review.
Should have good email and meeting etiquette.
Should show ownership of deliverables.
Should be flexible with shift timings.
Technical Experience: Minimum 6 years of total experience, with 2+ years of SIEM platform administration experience with a cloud SIEM such as Microsoft Sentinel, SumoLogic, AlertLogic or Devo, or with an on-premises SIEM such as ArcSight, QRadar, LogRhythm, RSA or Splunk.