TalentXO
Information Security Consultant - SIEM/SOAR Tools
Job Location
noida, India
Job Description
Role & Responsibilities : - Devise a comprehensive log ingestion strategy - Create meticulous and effective correlation rules - Fine-tune log sources and correlation rules to enhance system efficiency - Contribute to the development of detection strategies based on industry best practices - Articulate a step-by-step process to ensure the ingestion of high-quality log sources - Monitor and optimize log sources for optimal performance - Serve as the subject matter expert (SME) in SIEM and SOAR, correlation, and log source ingestion - Leverage your in-depth knowledge of SIEM and SOAR and SOC practices to assess customer needs, provide tailored recommendations, and assist in the formulation of effective security strategies - Produce technical documentation detailing SIEM and SOAR aspects of the engagement Ideal Candidate : - 6 years of experience in deploying and integrating (SIEM) to enterprise to large enterprise-level - Deep expertise with load, transformation and correlation of sources such as Cloud, Endpoint, Firewall - Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using (SIEM) platforms - Architect-level individual with experience in SIEM (Splunk, Netwitness, QRadar, Arcsight etc.). Candidates with QRadar experience will be preferred. - Ability to perform Threat Hunting exercises from telemetry. - Extensive experience in creating and developing correlation and detection rules, within a SIEM to support alerting capabilities. - Strong Regular Expression skills. - A proven ability to offer suggestions on detection strategy based on customer requirements. - Knowledge of Security Analysis Response a plus, including both endpoint, network & cloud-based environments. - Strong technical skills in SIEM / SOAR tools and technologies - Experience in developing and implementing security strategies - Experience in conducting security incident response - Ability to define and design security controls based on NIST, CIS, CSA and other standards - Certifications such as CISSP, CISM, GIAC, SIEM Vendor Qualification would be a plus. - Excellent communication and interpersonal skills. (ref:hirist.tech)
Location: noida, IN
Posted Date: 11/24/2024
Location: noida, IN
Posted Date: 11/24/2024
Contact Information
Contact | Human Resources TalentXO |
---|