SOC Administrator

1 month ago


Mumbai, India Panchjanya HR Services Full time

Job Description :


Responsibilities :

- Align with internal & external needs, threat trends, and operational performance to identify opportunities for improvement/enhancement of the security operations center technologies and integrations.

- Perform system administration for SIEM, SOAR, EDR and ancillary devices.

- Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/SOAR platforms.

- Develop information security and incident response workflows, procedures and best practices, and publish them as playbooks in the SOAR platform.

- On-board new log sources with log analysis and parsing to enable SIEM correlation.

- Create and develop correlation and detection rules, reports and dashboards within the SIEM solution (IBM QRadar) to detect emerging threats.

- Manage, develop, and tune the scripts that integrate with the SIEM.

- Collaborate with key stakeholders across technology, application, and cyber security teams to develop use cases that address specific business needs.

- Collaborate with platform & application owners to define and establish logging standards to address various governance & security requirements.

- Create technical documentation around the content deployed to the SIEM.

- Provide technical support for forensics services, including evidence seizure, computer forensic analysis and data recovery, in support of computer crime investigations. Research and maintain proficiency in open- and closed-source computer exploitation tools, attack techniques, procedures, and trends.

- Perform research into emerging threat sources and develop threat profiles. Stay up to date on the latest cyber security threats.

- Demonstrate strong analytical ability.

- Have a broad understanding of all stages of incident response.

- Have a sound understanding of other technologies such as PAM, CASB, EDR, email security, secure web gateway, etc., and of the other threat detection platforms that form part of the broader SOC program.

- Create reports, dashboards and metrics for SOC administration KPIs and present them to senior management and other stakeholders.

- Handle audit-related activities with internal and external stakeholders: ensure compliance with policies and adherence to procedures, provide evidence, and act on observation reports to drive process improvements toward operational objectives.

- Act as the technical escalation point during security incidents: establish the extent of an attack and its business impact, advise on how best to contain the incident, and recommend system hardening and mitigation measures to prevent a recurrence.

- Have a systematic, disciplined, and analytical approach to problem solving, together with thought leadership skills.

- Have basic knowledge of audit requirements (PCI DSS, HIPAA, SOX, ISMS, etc.).

Qualifications :

Minimum qualifications / skills :

- Relevant years of experience working within the information security field, with emphasis on security platform implementation & administration.

- Bachelor's degree or higher in Computer Science or equivalent.

- Experience with QRadar (preferred) and/or other SIEM platforms such as Splunk or ArcSight.

- Experience with IBM Resilient (preferred) or an equivalent SOAR technology such as Demisto, Splunk or ServiceNow.

Technical Experience & Skills Required :

- Excellent understanding and proven hands-on experience in SIEM concepts such as correlation, aggregation, normalization, and parsing.

- Experience with deploying and managing a large SIEM deployment.

- Excellent understanding of enterprise logging standards, with a focus on application logging.

- Advanced knowledge of content creation concepts and best practices.

- Excellent understanding of regular expressions and development of custom/flex parsers.

- Strong knowledge of frameworks such as the Cyber Kill Chain and adversary tactics, techniques and procedures (TTPs).

- Experience implementing and supporting a major SOAR platform (IBM Resilient preferred) and developing playbooks for automation.

- Expertise in writing QRadar searches, QRadar infrastructure and content use case development; well versed in IBM QRadar architecture and design.

- Experience in QRadar and Resilient administration and in developing analytics for information security, event triage and incident analysis.

- Hands-on experience with information security tools such as SIEMs, firewalls, IDS/IPS, EDR, sandboxes, vulnerability management, etc.

- Excellent Python and Unix shell scripting skills.

- Understanding of events, the related fields in log records, and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies.

- Excellent understanding of cyber security operations and incident response processes.

- Experience in using scripting languages to automate tasks and manipulate data.

- Programming experience is a plus.

- Experience working in a large enterprise environment and integrating solutions in a multi-vendor environment.
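As an added illustration, not part of the job posting, the pipeline the bullets above refer to (parsing with regular expressions, normalization into a common schema, aggregation, and a correlation rule) is reduced to a small stand-alone Python script. The log lines are constructed for the example, the year for syslog timestamps is an assumption (syslog omits it), and the brute-force threshold and time window are hypothetical tuning values. In QRadar these steps live in DSMs/log source extensions and the custom rules engine rather than in code like this; the point is only to show what the concepts mean on real-looking input.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events from two sources (sshd syslog, key=value firewall log).
SAMPLE_LOGS = [
    "Mar 10 09:14:01 bastion01 sshd[2211]: Failed password for invalid user admin from 203.0.113.45 port 51022 ssh2",
    "Mar 10 09:14:03 bastion01 sshd[2211]: Failed password for root from 203.0.113.45 port 51023 ssh2",
    "Mar 10 09:14:05 bastion01 sshd[2213]: Failed password for root from 203.0.113.45 port 51024 ssh2",
    "Mar 10 09:14:08 bastion01 sshd[2215]: Failed password for root from 203.0.113.45 port 51025 ssh2",
    "Mar 10 09:14:10 bastion01 sshd[2217]: Failed password for root from 203.0.113.45 port 51026 ssh2",
    "Mar 10 09:16:40 bastion01 sshd[2230]: Accepted password for root from 203.0.113.45 port 51031 ssh2",
    "Mar 10 09:20:00 bastion01 sshd[2240]: Failed password for alice from 198.51.100.7 port 40100 ssh2",
    "Mar 10 09:21:00 bastion01 sshd[2241]: Accepted publickey for alice from 198.51.100.7 port 40101 ssh2",
    "2024-03-10T09:14:02Z vendor=acme product=ngfw action=deny src=203.0.113.45 dst=10.0.0.5 dport=22 proto=tcp",
    "2024-03-10T09:14:09Z vendor=acme product=ngfw action=allow src=203.0.113.45 dst=10.0.0.5 dport=22 proto=tcp",
    "this line does not match any parser and should be counted as unparsed",
]

ASSUMED_YEAR = 2024  # assumption: BSD syslog timestamps carry no year

# Parsing: one regex per source, named groups become normalized fields.
SYSLOG_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2}) +(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) (?P<method>password|publickey) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d{1,3}(?:\.\d{1,3}){3}) port (?P<port>\d+) ssh2$"
)
KV_RE = re.compile(r"^(?P<ts>\d{4}-\d\d-\d\dT\d\d:\d\d:\d\dZ) (?P<kv>(?:\w+=\S+ ?)+)$")


def parse_sshd(line):
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{ASSUMED_YEAR} {m['mon']} {m['day']} {m['time']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "source": "sshd", "host": m["host"], "category": "authentication",
            "outcome": "success" if m["outcome"] == "Accepted" else "failure",
            "user": m["user"], "src_ip": m["src"]}


def parse_kv_firewall(line):
    m = KV_RE.match(line)
    if not m:
        return None
    fields = dict(pair.split("=", 1) for pair in m["kv"].split())
    return {"ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
            "source": f"{fields.get('vendor')}-{fields.get('product')}", "host": None,
            "category": "network", "outcome": "allow" if fields.get("action") == "allow" else "deny",
            "user": None, "src_ip": fields.get("src"), "dst_ip": fields.get("dst"),
            "dport": int(fields["dport"]) if "dport" in fields else None}


PARSERS = (parse_sshd, parse_kv_firewall)


def normalize(lines):
    """Normalization: run each line through the parser chain into one schema.
    Unparsed lines are kept so the parser gap is visible, not silently dropped."""
    events, unparsed = [], []
    for line in lines:
        for parser in PARSERS:
            event = parser(line)
            if event:
                events.append(event)
                break
        else:
            unparsed.append(line)
    events.sort(key=lambda e: e["ts"])
    return events, unparsed


def correlate_brute_force(events, threshold=5, window=timedelta(minutes=10)):
    """Aggregation + correlation: count auth failures per source IP and fire when
    at least `threshold` failures are followed within `window` by a success from
    the same IP. Threshold and window are hypothetical tuning values."""
    failures = defaultdict(list)  # src_ip -> timestamps of failed logins
    offenses = []
    for e in events:
        if e["category"] != "authentication":
            continue
        ip = e["src_ip"]
        if e["outcome"] == "failure":
            failures[ip].append(e["ts"])
            continue
        recent = [t for t in failures[ip] if e["ts"] - t <= window]
        if len(recent) >= threshold:
            offenses.append({"rule": "SSH brute force followed by successful login",
                             "src_ip": ip, "user": e["user"], "host": e["host"],
                             "failures_in_window": len(recent),
                             "first_failure": recent[0], "success_at": e["ts"]})
        failures[ip].clear()  # a success resets the counter for that source
    return offenses


def run(lines=SAMPLE_LOGS):
    events, unparsed = normalize(lines)
    return {"events": events, "unparsed": unparsed, "offenses": correlate_brute_force(events)}


if __name__ == "__main__":
    result = run()
    print(f"{len(result['events'])} events normalized, {len(result['unparsed'])} unparsed")
    for offense in result["offenses"]:
        print(offense)
```

On the sample input the script normalizes ten events from two formats, reports the one unparseable line (the kind of gap an on-boarding review should catch), and raises a single offense for 203.0.113.45: five failures in under a minute followed by an accepted root password login. The single failure from 198.51.100.7 stays below threshold and is correctly ignored.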

Preferred qualifications/skills :

Preferred security certifications (including but not limited to the following) :

- Security+, CEH, OSCP, CISSP, CISM, GIAC GCIH.

- Preferred product specialization certifications on QRadar (SIEM), Resilient (SOAR), CrowdStrike (EDR), Mimecast (Email Security).

(ref:hirist.tech)