
Digital Trust GSOC Assistant Manager


KPMG India


Location

Bangalore | India


Job description

About KPMG in India

KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.

KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.

KPMG's Global Security Operations Centre (GSOC) is an internal SOC team that supports KPMG member firms across the globe in detecting and responding to cyber-attacks on KPMG across locations.

  • GSOC – SIEM Specialist – Lead the design and deployment of SIEM tools. This includes, but is not limited to, process design and flow creation, prerequisite validation and establishment, POCs (testing in a lab environment), and documentation.

Responsibilities

  • Requirement gathering from the client regarding a new rollout, deployment, or migration from an existing SIEM.
  • Documentation of requirements and validation of prerequisites.
  • Technical architecture design and testing in a lab environment.
  • Creation and documentation of process and Visio flows.
  • Technical deployment of the required SIEM tool.
  • Event source onboarding as per agreed methods.
  • Log collector deployment and configuration.
  • Automation of repeated operational activities.
  • Handover to operations.
  • Definition and documentation of log quality criteria.
  • Working with vendors on escalated issues.
  • Documentation of SOPs, troubleshooting guides, etc.
  • Collaboration with stakeholders and peers across the globe through email or phone calls when needed.

Qualifications

  • Understanding of SIEM architecture and deployment models.
  • 4-6 years of experience in SIEM implementation.
  • Technical expertise in Azure Sentinel, QRadar, LogRhythm, ELK, and other SIEM tools.
  • Experience in deploying and maintaining syslog collectors.
  • Technical and process understanding of onboarding/offboarding of assets and identities to multiple security tools.
  • Hands-on experience in writing complex/advanced KQL queries.
  • Understanding of the Linux operating system.
  • Troubleshooting of issues related to event source logging as well as collector issues.
  • Data ingestion calculation and reporting.
  • Hands-on experience in creating Visio flows.
  • Understanding of Power BI.
  • Understanding of network protocols and communications.
  • This role requires candidates to be fluent in written as well as spoken English.
