Job Description

Company Name: VARITE India Private Limited
About The Client:
Client is an Indian multinational technology company specializing in information technology services and consulting. Headquartered in Mumbai, it is a part of the Tata Group and operates in 150 locations across 46 countries.
Essential Job Functions:

• Create innovative solutions to automate and reduce timeframes for operational changes and initial installation of the platform.
• Responsible for major SIEM client environmental changes including upgrades.
• Custom parser development.
• Should have good Regex skills.
• Threat detection use-case designing, implementation and fine-tuning.
• Create rules/dashboards for compliance and audit requirements.
• Security monitoring experience with one or more SIEM technologies (Like Sentinel, Securonix)

Qualifications:

• Skills Required: Cyber Security (SIEM Platform Engineer)
• Experience: 3 to 5 Years
• Strong understanding of security incident management, malware management and vulnerability management processes.
• Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP.
• Strong technical knowledge of Internet security, networking protocols, and related technologies including IDS/IPS, firewalls, content filtering, and packet inspection.
• Working knowledge of Powershell or Python.
• Experience with Linux and Unix operating systems.
• Working knowledge of the industry models such as the Cyber Kill Chains, Diamond Model and MITRE Telecommunication&CK framework

Essential Skills: (Must Have)

• Excellent knowledge of one of the SIEM products Sentinel, Securonix
• Excellent understanding and proven hands-on experience in SIEM concepts such as correlation, aggregation, normalization, and parsing
• Experience with Incident response and Security Operations Center operations
• Experience with deploying and managing a large SIEM deployment
• Excellent understanding of enterprise logging standards, with a focus on application logging
• XXX years of experience with Securonix, Splunk, ArcSight, QRadar, Sentinel SIEM systems
• Excellent knowledge of adversary tactics, techniques and procedures (TTPs) and MITRE Telecommunication&ACK Framework
• Excellent understanding of regular expressions, development of custom/flex Parsers
• Excellent Python and Unix Shell scripting skills
• Knowledge on overall GCP, AWS, Azure Cloud infrastructure
• Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies
• Excellent understanding of log flow from numerous services within GCP, AWS, Azure cloud and experience with integrating them with 3rd party logging tools including but not limited to Splunk, Qradar, ArcSight, Sentinel, Sumologic and Elastic Cloud
• Good Experience with syslog-ng i.e., configuring complex multi client-server infrastructures.
• 5+ years of network security and system security experience, supporting security event management tools (SIEMs)
• Excellent understanding of Cyber Security Operations, Incident Response processes
• Excellent understanding of web application architectures and web services
• Excellent communication skills
• Good understanding of networking concepts.
• Experience interpreting, searching and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow, and automation
• In-depth knowledge of security data logs and an ability to create new content on advanced security threats on a need basis as per Threat Intelligence.
• Ability to identify gaps in the existing security controls.
• Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deployment of content.

Desired Skills:
(Good to Have)

• Domain experience of Network Security and Cloud Security
• Security certifications such as CISSP, CEH, Security +
• Preferred experience developing SIEM strategies and implementing these strategies in a global organization
• 3-4 years previous SIEM engineering Experience.
• Detail-oriented with strong organizational and analytical skills.
• Good knowledge of IT including multiple operating systems and system administration skills

How to Apply: Interested candidates are encouraged to respond/submit their updated resumes, and for additional job opportunities, please visit
Unlock Rewards: Refer Candidates and Earn.
If you're not available or interested in this opportunity, please pass this along to anyone in your network who might be a good fit and interested in our open positions. VARITE offers a Candidate Referral program, where you'll receive a one-time referral bonus based on the following scale if the preferred candidate completes a three-month assignment with VARITE.
Experience Level Bonus Referral: 0-2 years INR 5,000
2-6 years INR 7,500
6+ years INR 10,000
About VARITE: VARITE is a global staffing and IT consulting company providing technical consulting and team augmentation services to Fortune 500 Companies in USA, UK, CANADA and INDIA. VARITE is currently a primary and direct vendor to the leading corporations in the verticals of Networking, Cloud Infrastructure, Hardware and Software, Digital Marketing and Media Solutions, Clinical Diagnostics, Utilities, Gaming and Entertainment, and Financial Services.
Equal Opportunity Employer:
VARITE is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based on race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, veteran status, or disability status.

Skills Required