SPECIALIST


HCLTech


Location

Noida | India


Job description

Job Description (Posting).

Summary: Seeking a resource for a SIEM platform administrator role to support SIEM services within the HCL Cyber Security Fusion Centre.

Must Have Skills: SIEM platform administration experience, specifically with any cloud SIEM such as Microsoft Sentinel, SumoLogic, AlertLogic or Devo, or with native SIEM solutions such as ArcSight, QRadar, LogRhythm, RSA or Splunk. Experienced with SIEM rule and use case development. Basic knowledge of other security tools and technologies. Basic Unix knowledge.

Good To Have Skills: Prior SOC Analyst role or other security platform management experience. Knowledge of Python or other scripting languages. Experience with any SOAR. Knowledge of the MITRE ATT&CK framework or the Cyber Kill Chain.

Job Requirements

The resource will be responsible for log source integration with SIEM tools, which includes planning, providing configuration guidelines to other product admins, and onboarding the sources into the SIEM.

Will be responsible for troubleshooting broken log sources by engaging the respective teams or the vendor, depending on the complexity of the issue.

Will be responsible for the upkeep of the platform, including all its components/agents, by performing the required health checks.

Will be performing basic to moderate troubleshooting with the SIEM platform.

Will assist the SOC team by developing SIEM rules and tuning them as per security best practices.

Will work with one or more threat intelligence tools for integration with SIEM and rule creation.

Will support the SOAR admins with playbook/workflow automation.

Will develop weekly/monthly reports/presentations and run through them with customers/leaders for periodic review.

Should have good email and meeting etiquette.

Should demonstrate ownership of the deliverables.

Should be flexible with shift timings.

Technical Experience

Minimum 6 years of total experience, with 2+ years of SIEM platform administration experience with any cloud SIEM such as Microsoft Sentinel, SumoLogic, AlertLogic or Devo, or with native SIEM solutions such as ArcSight, QRadar, LogRhythm, RSA or Splunk.

(1.) To clearly understand the client's cybersecurity environment and the respective product.
(2.) To monitor, configure, and troubleshoot cybersecurity issues and related monitoring tools.
(3.) To analyse and validate cybersecurity incidents in detail and help the L3 team with RCA or data/log collection.
(4.) To enable knowledge transfer or training through the creation or maintenance of configuration documents, test plans and operational manuals, and to provide operational training to the L1 team.
(5.) To analyse and fine-tune cybersecurity policies, participate in cybersecurity review calls pertaining to change requests, and make recommendations on cybersecurity policy changes.
(6.) To implement changes, monitor security device performance and perform performance tuning when necessary.
(7.) To prepare analyses and reports that highlight project progress or challenges, and to ensure quality and accuracy for the client.

Qualification

B-Tech

No. of Positions

1

Skill (Primary)

Information Security-SIEM expert-SIEM expert

Auto req ID

1218223BR

