o At least one SIEM solution certification with one or more SIEM/security solutions (i.e., RSA NetWitness, Splunk ES, Elastic ELK, HP ArcSight, IBM QRadar, LogRhythm).
o Minimum overall 5 years of experience in handling security-related products & services in a reputed organization, out of which 3 years' experience should be in SIEM solutions.
o Person should have adequate knowledge of security devices like firewalls, IPS, Web Application Firewall, DDoS, EDR, incident response, SOAR and other security devices.
o Administration of the SIEM environment (e.g., deployment of the solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration management, change management, report management, managing backup and recovery, etc.).
o Construction of SIEM content required to produce Content Outputs (e.g., filters, active lists, correlation rules, reports, report templates, queries, trends, variables).
o Integration of customized threat intelligence content feeds provided by the Threat Intelligence & Analytics service.
o Identifies possible sensor improvements to prevent incidents.
o Collects/updates threat intelligence feeds from various sources.
o Creates situational awareness briefings.
o Co-ordinates with the different departments for incident analysis, containment and remediation.
o Liaises with the security monitoring team to discover repeatable processes that lead to new content development.
o Provides engineering analysis and architectural design of technical solutions.
o Knowledge of networking protocols and technologies and network security.
o Sound analytical and troubleshooting skills.
If only ArcSight experience or ArcSight+NGSOC, please check with the candidates.
Job type: FTE