Job Description

Basic Qualifications:

• Engineering bachelor’s or equivalent degree with 8+ years of relevant cybersecurity experience in SIEM operations.

͏

Skillset Required:

• Strong domain knowledge and proven experience of handling/managing next-gen SIEM platforms (E.g. PA XSIAM, Splunk, QRadar, Securonix etc).
• Broad understanding of various security technologies and OS platforms including EDR/XDR, Proxy, Firewalls, WAFs, Cloud security tools which feed events data to SIEM.
• Exposure to log analysis using various security tools and operating system logs.
• Experience with MITRE ATT&CK Framework, Cyber Kill Chain, and NIST Cyber Security Framework and ability to fulfill the SIEM audit compliance requirements.
• Experience in leading SIEM team.
• Good technical skills to integrate a wide variety of SIEM log sources.
• Ability to fulfill compliance audit requirements.
• Good troubleshooting skills to resolve SIEM log interruption issues.
• Excellent communication skill to ensure good collaboration with multiple stakeholders.

͏

Job Responsibilities:

• Ensuring that relevant event logs from various log-sources are fed to the central SIEM tool, so that the SOC team can do effective detection of potential security threats.
• Ensure that any log interruptions issues are quickly identified and are resolved.
• Ensure all KPIs related to Log integration coverage, log interruption resolutions, SIEM audit compliance are fulfilled.
• Streamline and optimize the SIEM operations with Automation and AI tools.
• Effective team management and coaching skills.
• Effective reporting/dashboard skills for executive communication.