SIEM Engineeer

"Essential Job Functions:- Individuals at this job are responsible for managing SIEM infrastructure like Microsoft Azure Sentinel and / or other SIEMs Working knowledge of Microsoft Azure cloud platform, log analytics workspaces. Excellent knowledge of KQL (Kusto Query Language). Writing SIEM rules (Cross device and complex correlation) to implement detection in Microsoft Azure Sentinel and / or other SIEM. Creating playbooks to implement SOAR in Microsoft Azure Sentinel. Integration of log sources with Azure Sentinel and ArcSight. Excellent knowledge of Logstash, ELK. Creating and implementing logic apps in Azure Sentinel. Creating workbooks to implement dashboards and apps. Read coded scripts and modify and debug programs. Develop custom parsers to parse logs from different sources including firewalls, operating systems, applications, etc. Work on various operating systems and platforms."