Administrator - Siem
4 days ago
Additional details
- **Level**: P2
- **Requirement location**: India - Bengaluru
- **Number of Positions**: 1
- **Employment type**: ML
- **Cluster/Group**: Microland Delivery
- **Business Unit**: US
- **Department**: SOC - Tech Ops
**Job Description**:
(Securonix)
OVERALL SKILL SET FOR SIEM
- In-depth experience of architecting and supporting on-premise and cloud-based security technologies.
- Strong security product skills, including experience of operating and supporting the following technologies:
  - Endpoint detection and response (EDR) solutions like SentinelOne, Symantec, Tanium, TrendMicro
  - Security Information and Event Management (SIEM) solutions like Securonix, ArcSight, QRadar, Splunk
- Knowledge and understanding of cloud security concepts, technologies, and best practices, including but not limited to automation and secure containerization frameworks, directory services (e.g., Active Directory, LDAP), SSO, One-Time Passwords (OTP), encryption technologies and forensics.
- Knowledge of and implementation experience with cloud or on-prem security technologies, architecture and best practices, including hands-on experience hardening security environments.
- Knowledge of and implementation experience with security technologies, including but not limited to firewall (WAF or perimeter) configuration, two-factor authentication, PKI, malware and intrusion protection and detection tools.
- Demonstrated knowledge and understanding of information security industry trends and emerging technologies, and an ability to relate them to the company and its objectives.
- Demonstrated experience with vulnerability and risk management, including performing security scans and risk assessments to identify potential vulnerabilities and tracking the remediation of findings to reduce risk.
- Demonstrated experience and understanding of cybersecurity incident management and response procedures; must demonstrate the ability to perform and respond well in crisis situations.
- Demonstrated knowledge and understanding of information security standards, guidelines and frameworks such as ISO 27001/27002, NIST, COBIT or PCI.
- Experience with maintaining compliance with regulatory and legal requirements such as GDPR and PCI.
- Fluent in one or more programming or scripting languages such as Bash, PowerShell, Python, TCL, Java, PHP, Perl, C++, and Visual Basic.
- Authored SOC SOPs, playbooks, work instructions and/or other process documents.
- Familiarity with Kusto Query Language (KQL) & Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL) and/or regex.
- Good verbal and written communication skills; able to communicate security and risk implications to technical and non-technical audiences.
- Ability to work independently, managing multiple deadlines and deliverables.
- Self-motivated and driven, capable of handling problems until resolved within accepted time tolerances; anticipates problems and identifies long-term implications of decisions and actions.
- Industry certifications (desirable): CISSP, CISM, CISA, CCNA - SEC, CEH/OSCP, ITIL V3 Foundation, GCIH, specific certification on SIEM, EDR etc.
Job Requirements
- Good understanding of system security (client, server, system hardening standards); keep up to date with the latest security and technology developments
- Research/evaluate emerging cyber security threats and ways to manage them
- Plan for disaster recovery and create contingency plans in the event of any security breaches
- Monitor for attacks, intrusions and unusual, unauthorised or illegal activity
- Test and evaluate security products
- Design new security systems or upgrade existing ones
- Fine tuning of existing security monitoring systems
- Use advanced analytic tools to determine emerging threat patterns and vulnerabilities
- Engag
-
Administrator - Siem (So2)
4 days ago
Bengaluru, Karnataka, India. Microland. Full time.
**Education Qualification**: B.Sc
**Skills**:
- Primary -> Technology | Sentinel SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable
- Primary -> Technology | Splunk SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable
- Secondary -> Technology | Qradar SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable
**Certification**: Technology...
-
Siem Administrator
2 weeks ago
Bengaluru, Delhi, Mumbai, NCR, India. KPMG Assurance and Consulting Services LLP. Full time. ₹ 5,00,000 - ₹ 15,00,000 per year.
Role & responsibilities:
- Log collector onboarding/offboarding & health monitoring of SIEM tool.
- Event Source Management & Log collection.
- Troubleshoot Log collector / event source issues and alerts.
- Log Fidelity maintenance.
- Technical upgrades/migrations.
- Onboarding/Offboarding of assets to EDR solution.
- RBAC maintenance and management.
- Work with vendor on escalated...
-
Administrator - Siem (So1)
4 days ago
Bengaluru, Karnataka, India. Microland. Full time.
**Required Skills**:
- Technology | Sentinel SIEM Tool Administrator | Level 2 Support
- Technology | Securonix SIEM Tools Administrator | Level 2 Support
**Education Qualification**: B.Sc
**Certification Mandatory / Desirable**: Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC Certified Incident...
-
Administrator - Siem (So1)
2 weeks ago
Bengaluru, Karnataka, India. Microland. Full time.
**Education Qualification**: B.Sc
**Skills**:
- Primary -> Technology | Sentinel SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable
- Primary -> Technology | Securonix SIEM Tools Administrator | Level 2 Support | 2 - Knowledgeable
**Certification**: Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals /...
-
Administrator - Siem
1 week ago
Bengaluru, Karnataka, India. Microland. Full time.
**Education Qualification**: Any Graduate
**Skills**:
- Primary -> Technology | Cybersecurity | SOC Alert Management | 3 - Experienced
- Primary -> Technology | Cybersecurity | SIEM-SOAR | 3 - Experienced
- Secondary -> Technology | Cybersecurity | End Point Security | 2 - Knowledgeable
- Secondary -> Technology | Cybersecurity | Vulnerability Management | 2 -...
-
Administrator - Siem
2 weeks ago
Bengaluru, Karnataka, India. Microland. Full time.
**Responsibilities**
- Monitoring of SIEM alerts and creation of SIEM investigations.
- Gathering information on Alerts & Incidents and performing Initial Incident Analysis.
  - Artifacts Gathering
  - Performing OSINT checks.
  - User profiling, Device Profiling, IP and Application Profiling etc.
  - Documenting all the above in Incident...
-
Platform Administrator
4 days ago
Bengaluru, Karnataka, India. ColorTokens. Full time.
**Job Title**: Platform Administrator - NextGen SIEM
**About ColorTokens**: At **ColorTokens**, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen, but with our cutting-edge **ColorTokens Xshield platform**, companies can minimize the impact of breaches by preventing the lateral spread...
-
Sr. SIEM Administrator
3 days ago
Bengaluru, Karnataka, India. Atos. Full time. ₹ 9,00,000 - ₹ 12,00,000 per year.
TBC. YoE 5 to 11 Yrs. GCM leave 4. Location Mumbai.
JD:
- Configure and maintain the SIEM platform (Any SIEM Tool).
- Develop and fine-tune correlation rules, alerts, and dashboards to support SOC use cases.
- Onboard log sources from various platforms (Windows, Linux, cloud, network devices, applications).
- Perform health checks, upgrades, and patch management of SIEM...
-
Siem Azure Sentinel Expert
1 week ago
Bengaluru, India. Syntaxive Technologies. Full time.
**Exp Required: 4 - 7 years**
**LOCATIONS - BANGALORE / KOCHI / THIRUVANANTHAPURAM / PUNE / CHENNAI / HYDERABAD / NOIDA**
**Hybrid Working Mode**
**Requirements:**
- Experience with Azure Sentinel SIEM platform.
- University degree in information security or equivalent work experience.
- Experience and proficiency in Kusto Query Language (KQL).
- Minimum 4 years...