Job Description

Job Family Descriptor Experience in SIEM Tool like ArcSight, LogRhythm SIEM, Malware Analysis, Incident Response Experience in handling SOC customer in MSSP/multi-tenant environment Responsible for the technical Administration or troubleshooting in SIEM ensuring the efficient functionality of the solution Responsible for Incident Validation, Incident Analysis, Solution Recommendation, Good knowledge on implementation, installation, integration troubleshooting and overall functionalities of ArcSight Arc Sight/LR/QRadar platform administration, management experience, platform upgrade Experience in troubleshooting platform related issues, Data backup, restoration, retention Experience in creating content based on MITRE Framework Exposure to SOAR, alert aggregation, automation, Playbook creation ArcSight/LR rule base fine tuning, Ongoing log source modifications, Configuration/policy changes, General SIEM Administration, SIEM Content Development Troubleshooting of an incident within IT Security incident response teams of SOC. Maintains awareness of new and emerging cyber-attack threats with potential to harm company systems and networks. Devises and implements countermeasures to mitigate potential security threats. Assists with the development and maintenance of IT security measurement and reporting systems to aid in monitoring effectiveness of IT Security programs. Assists with the development, revision, and maintenance of Standard Operating Procedures and Working Instructions related to IT Security. Good Coordination skills with various other teams for faster resolution/completion. Good to have threat hunting knowledge. Broad outline of the Role Manage customer queries related to all services and solutions delivered includes complex customer issues diagnosing and thereby resolving and fixing Act as a conduit between customer and other teams such as engineering architecture etc for any issue resolution Provide L2L3 support to resolve hardwaresoftware issues by applying tehnical expertise Purpose - Broad objective of the role Operating Network - Key External Operating Network - Key Internal Size and Scope of Role - Financial Size and Scope of Role - No. of direct reports Size and Scope of Role - Total team size Size and Scope of Role - Other size parameters Minimum qualification & experience BE/B.Tech or equivalent with minimum 5 years of experience Work experience of minimum 4 years in SOC Incident Handling, Incident Response Trend Analysis, administration/monitoring of SIEM Tool like ArcSight, LogRhythm SIEM, Threat Intelligence, Malware Analysis, Ability to adapt and follow the processes and guidelines Possess an impeccable work ethic and a high degree of integrity Good Analytical & Problem Solving skills Able to communicate with technical staff/management Flexible to work after office and over weekend if required Highly motivated & customer centric Other knowledge/skills Key Responsibilities Technical Competencies Knowledge / Skills Communication Skills

foundit