Job Description

Job Family Descriptor

Need expert on SIEM platform (Platform Administration, Parser & Use case development, Playbooks, Log Source troubleshooting skills & Threat feeds integration) & Should have worked on LogRhythm or at least process knowledge on LR .

Broad outline of the Role

Need expert on SIEM platform (Platform Administration, Parser & Use case development, Playbooks, Log Source troubleshooting skills & Threat feeds integration) & Should have worked on LogRhythm or at least process knowledge on LR

Purpose - Broad objective of the role

• Extensive Experience of LogRhythm SIEM/EDR implementation and administration
• Must have good understanding of SOAR, UEBA, EDR technologies and of various threat intel platform, Anti phishing, Anti Malware NBAD etc..
• Responsible for conducting information security investigations as a result of security incidents identified by the Level 3 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone).
• Act as a point of escalation for Level-3 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques.
• Should have experience in developing new correlation rules & Parser writing

Operating Network - Key External

Operating Network - Key Internal

Size and Scope of Role - Financial

Size and Scope of Role - No. of direct reports

Size and Scope of Role - Total team size

Size and Scope of Role - Other size parameters

Minimum qualification & experience

• Min. 7 years\' experience from a security analysis role and from BFSI vertical will be added advantage

Other knowledge/skills

• Reporting and provide information to L3 Engineer.
• Log incidents and track them via incident management tool (Manage engine)

Technical Competencies

• Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation.
• Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies.
• Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures.
• Follow ITIL practices regarding incident, problem and change management.

Key Responsibilities

• Have a solid understanding of enterprise environments including networking, web services, databases, operating systems, etc.
• Experience in Cyble Deep & Dark, threat Intelligence platform. IZOOlogic for Brand Protection threat or similar Intel intel platforms. Anti phishing, Anti Malware.
• Ensure SLA are achieved & work proactively to maintain the same.
• Keep track of latest threats and vulnerabilities
• Min. 7 years\' experience from a security analysis role and from BFSI vertical will be added advantage
• Flexible to work in 10x6 environment

Knowledge / Skills

Communication Skills

Tata Communications