JobNob

Your Career. Our Passion.

Security Administrator


KPMG


Location

Thane | India


Job description

Roles & Responsibilities:

SIEM:
• Manage and optimize SIEM infrastructure, including deployment, configuration, patching, and upgrades.
• Manage the entire lifecycle of log sources, including log source integration and decommissioning.
• Design and implement SIEM rules and filters for efficient security event correlation and log analysis.
• Develop custom parsers.
• Configure and manage SIEM integrations with other security tools and threat intelligence feeds.
• Create and maintain dashboards and reports for analysing security trends and threat landscapes.
• Collaborate with security analysts and incident responders to investigate and mitigate security incidents.
SOAR:
• Manage and administer the Resilient platform, including configuration, automation workflows, and playbooks.
• Design and implement automated incident response playbooks for efficient threat containment and remediation.
• Orchestrate incident response activities through Resilient, coordinating tasks and resources across teams.
• Develop and maintain playbooks for vulnerability management, user activity monitoring, and threat hunting.
• Integrate SOAR with SIEM and other security tools for seamless incident response workflows.
• Monitor and optimize SOAR performance, ensuring maximum efficiency and effectiveness.

Primary Skills Required:

• Bachelor's degree in Computer Science, Information Security, or a related field (strongly preferred).
• Minimum of 5 years of experience administering SIEM and SOAR solutions, preferably IBM QRadar and IBM Resilient.
• Proven expertise in security event correlation, incident response, and automation methodologies.
• Strong understanding of network security and threat intelligence concepts.
• Experience with scripting languages (e.g., Python, Bash) is a plus.
• Excellent analytical and problem-solving skills.
• Strong communication and written skills.
• Ability to work independently and as part of a team in a fast-paced environment.
• Demonstrated success in integrating SIEM and SOAR platforms for streamlined security operations.
• OEM professional certifications are a plus.

