Google Secops(L2)

Role: L2 Google SecOps Platform EngineerKey Responsibilities:Log Source & Device Integration: Onboard devices and integrate log sources with the SIEM platform.ITSM Integration: Connect assets with ITSM solutions and configure incident response workflows within SIEM.SIEM Content Development: Create and fine-tune SIEM rules, develop new use cases, and optimize existing ones.Threat Analysis: Identify emerging cybersecurity trends and attack techniques using investigations, threat intelligence feeds, and open-source intelligence.Operationalization: Implement and operationalize newly developed rules for effective threat detection.Threat Intelligence Integration: Incorporate incremental threat intelligence feeds into the platform.Testing & Deployment: Validate new use cases and rules, and deploy tested configurations into production.Incident Response Playbooks: Create and enhance incident response playbooks as required.Skills & ExperienceThe candidate must have a deep understanding of several of the following fields:Hands-on experience in configuring, managing, and optimizing Google Chronicle SIEM.Strong working knowledge of advanced endpoint detection and response tools such as SentinelOne, CrowdStrike, and similar solutions.SIEM Rule Development: Proficiency in creating detection logic, correlation rules, and custom use cases.Threat Intelligence: Experience integrating threat feeds and leveraging threat intelligence for proactive detection.Incident Response: Familiarity with IR workflows, playbook development, and automation.Scripting & Automation: Knowledge of scripting languages (Python, PowerShell) for automation and integration tasks.Security Frameworks: Understanding of MITRE ATT&CK, NIST, and other cybersecurity frameworks.Communication & Collaboration: Ability to work closely with stakeholders and cross-functional teams.Hands on experience in one more of the following computer languages PowerShell, Bash, Python, Java, C/C++ to support cyber threat detection or reporting.Education:Bachelor's degree in computer science, Engineering, Information Technology, related fieldMinimum of 5 years of professional experience in platform engineering SIEM & SOAR deployment, management, use cases development, content engineering and threat intel.Should have one of the following certifications: CISSP, OSCP, SIEM, CEH, CCNA Security, CHFI, CompTIA Security + etc.