JobNob

Your Career. Our Passion.

CONSULTANT


HCL Technologies Limited


Location

Chennai | India


Job description

Job Description (Posting).

Summary

Manage SIEM Solution and Supporting Unit for HCL and its global customers.

Must Have Skills: QRadar Security Information and Event Management (SIEM)

Good To Have Skills: SIEM Operations & understanding of ICS/OT infrastructure, SOC Operations, any scripting language, any automation experience, any database management, Linux OS familiarity, RegEx

Job Requirements

Key Responsibilities:

- Responsible for design & implementation of SIEM platform(s).
- Responsible for upgrade/update of SIEM components & applications within.
- Responsible for integration of various log sources with SIEM.
- Responsible for custom log source integrations with SIEM.
- Responsible for monitoring and maintaining the health of SIEM components & applications within.
- Responsible for creation/modification of security use cases (rule triggers) in SIEM by understanding the customer infra setup and customer needs.
- Responsible for creation/modification of reports (automated & custom).
- Responsible for working with respective stakeholders to on-board or troubleshoot the broken log sources, if any.
- Responsible for Custom Property Creation.
- Responsible for WinCollect Installation & Management.
- Responsible for Apps Installation & Apphost Management.

Technical Experience:

- Custom Event Mapping for unknown events, miscategorized events, and custom log source extensions.
- Work with IRT team to remediate offenses, tune rules for false positives, and create new rules.
- Creation and management of reference sets and outside threat intel sources.
- Onboard new log sources, and assign log sources to correct group.
- Dashboard creation for monitoring environment.
- Report creation and maintenance.
- Maintain all components of a distributed QRadar infrastructure, and deployment servers.
- Provide overall management of the QRadar platform deployment, configuration, and maintenance across a variety of UNIX and Windows platforms.

Professional Attributes:

- Previous QRadar administration or development (DSM/parser development) experience.
- At least 2 years of QRadar experience required.
- Create, modify and tune the SIEM rules to adjust the specifications of alerts and incidents.
- Work with the customer designated personnel to provide continual correlation rule tuning, incident classification and prioritization recommendations.
- Report query adjustments, dashboard creations, system maintenance activities and various other SIEM configuration activities.
- Familiarity with working in the Red Hat Enterprise Linux operating system.

Educational Qualification: Bachelors and above degree in Computer Science, Information Technology, MIS, Engineering

(1.) Provides guidance on how his area of capability can resolve an organizational need and actively participates in all phases of the solution life cycle. Designs solutions and best practices to meet clients' objectives.
(2.) Works with clients to identify business challenges and contributes to client deliverables by refining, analyzing, and structuring relevant data.
(3.) Depending on the work environment, the subject matter expert may lead or be an active participant of a work-group with the need for specialized knowledge.
(4.) Meets all agreed-upon turnaround times for deliverables, deliverable reviews, or deliverable sign-off.
(5.) Understands, articulates and implements best practices related to his area of expertise.

Qualification

B.E, B.Tech, BE/Btech/Beng(Hons)

Skill (Primary)

Technical Skills (ERS)-Security Tools-Cyber Security

