Tecplix Technologies
3 weeks ago
Engineer's main duties and responsibilities:
- Develop and implement content for SIEM platforms, including Google Chronicle, Sumologic, and Splunk.
- Configure and fine-tune use cases, correlation, grouping, and logical rules in SIEM tools.
- Integrate new log sources and assets with the SIEM, and onboard additional threat intelligence feeds.
- Draft, test, and deploy YARA rules and Chronicle Backstory (YARA-L) detection rules.
- Implement integration of endpoints with SOAR solutions, notably Siemplify, Cortex XSOAR, and Sumologic SOAR.
- Design and enhance SOAR playbooks, including specialized ones for Palo Alto.
- Curate and update Incident Response Guides.
- Customize SIGMA rules and maintain familiarity with the MITRE ATT&CK Framework.
- Develop threat detection content for various datasets such as Proxy, VPN, Firewall, and DLP.
- Automate workflows using orchestration platforms like Demisto (Cortex XSOAR).
- Aid in process development/improvement for Security Operations.
- Recognize and propose new security controls to bridge existing gaps.
- Experience with Chronicle Backstory, ELK Stack, YARA, or CrowdStrike rules is a plus.
Requirements (candidates should have as many of the following as possible):
- Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience).
- After-hours availability is required.
- Proficiency in Python programming is required; familiarity with other scripting languages is a plus.
- Minimum of 3 years in Content Engineering and Development with hands-on experience in SIEM tools like Google Chronicle, Sumologic, Splunk, and QRadar.
- Comprehensive understanding of the MITRE ATT&CK Framework.
- Proven experience in SOC Incident analysis, covering security technologies such as Firewalls, VPNs, Intrusion detection tools, and EDR tools.
- Strong foundation in networking concepts.
- Proficiency in interpreting and manipulating data within enterprise tools (e.g., SIEM, ITSM).
- Skilled in crafting security analytics queries for platforms like ELK and Splunk.
- Familiarity with EDR tools like CrowdStrike and an understanding of attacker TTPs, such as process injection.
- Outstanding communication, problem-solving, and investigative skills.
Bonus:
- Experience with Chronicle Backstory, ELK Stack, YARA, and CrowdStrike rules.
- Relevant certifications such as Certified Information Systems Security Professional (CISSP) or CompTIA Security+ are advantageous.
- Knowledge of container technologies such as ECS, EKS, Fargate, and Docker.
(ref: hirist.tech)

SOAR Engineer
3 weeks ago
Bangalore, Karnataka, India
TECPLIX TECHNOLOGIES PRIVATE LIMITED
Full time
Job Role/Title: SOAR Engineer
Experience: 4 to 7 years
Location: Bangalore
We are looking for a candidate with expertise in the following technical areas:
1. SOAR Platforms: Proficiency in utilizing SOAR platforms such as Siemplify, Splunk Phantom, Palo Alto Networks Cortex XSOAR, and others.
2. Programming and Scripting: ...