Job Description

JOB DESCRIPTION Role Proficiency: Provide support across SIEM or EDR technologies for global customers and ensure that the platforms are functioning as expected. Conduct checks and perform basic triage for global customers under minimal supervision and guidance of senior team members. Outcomes: Conduct Health checks for a single or multiple platform types following guidance. Escalate issues observed. Forward to a senior team member for review to ensure proper visibility of issues before they become incidents. Where appropriate assist with service requests for platform types such as access requests to ensure optimal delivery for internal and external stakeholders. Participate in maintenance activities to help with improving understanding of the architecture of platforms supported as well as self awareness building proficiency for supported toolsets. Develop skills around the cyber security methodologies and requirements for the various platform technologies which are being supported providing efficient customer service Follow relevant in-life processes tracking any escalation pipelines and pathways required to ensure consistency of application provided to the customer. Measures of Outcomes: Percent of Adherence to processes and methodologiesa.Percent of adherence to SLAs for in life ticketing processesb.Percent of adherence to workflows and the completeness of audit trails for any activities Productivity score maintaineda.Number of issues identified early to pinpoint problems with delivering tasks or workload.b.Number of issues with effective evidence provided for escalations during triage. Number of relevant skill related training and development activities undertaken evidenced by certification. Outputs Expected: Platform Health Monitoring: Support Service Requests and first level Incident support Proactive identification of issues with behavioural analysis/patterns identified. Conduct daily and regular occurring service tasks with minimal supervision to ensure daily operation of the platform supported. Customer Focus: Ensure customer specific processes are being followed and adhered to at all times Undertake mandatory and proactive learning and development opportunities. Skill Examples: Good communication skills Ability to work as part of a team Ability to understand basic computing technologies. Aptitude in working with a/multiple SIEM or EDR technologies Capable in working as part of a shift Ability to work with querying data and the role of a SIEM/EDR Ability to demonstrate analytical skills working across multiple technologies and customers Knowledge Examples Knowledge of Security Operations and Incident Management Knowledge of IT Infrastructure and basic networking concepts Knowledge of a query language / regular expressions Understanding of ISMS Desirable: Certifications in IT infrastructure / SIEM / EDR / Ethical Hacking Additional Comments: NAThe SIEM Expert will be part of CyberProof\'s SOC group, focusing on SIEM technologies. The role requires a details-oriented professional who will provide SIEM support to our pre-sales teams and support the delivery of SIEM solutions to our customers.The SIEM Expert will be called upon to understand the customer requirements and recommend the appropriate SIEM solution to meet those requirements. The SIEM Expert will support the SIEM solution with Architecture and Design documentation.This role is an excellent opportunity for an individual with strong technical, communication, and customer facing skills. WHAT YOU WILL BE DOING: . Understand customer requirements and recommend best practices SIEM solutions. Offer consultative advice in security principles and best practices related to SIEM operations. Developing new SIEM rules, correlations, dashboards to meet the customer needs. Design and document a SIEM solution to meet the customer needs. Assist in the creation and verification of Statement of Work (SOW) documentation. Assist pre-sales with SIEM sizing, Architecture, RFP\'s and client technical meetings. Deploy and configure the SIEM platform as per Vendor guidelines and industry Best Practices. Assist client with technical guidance to configure end log sources in-scope to be logged to the SIEM. Verification of data of log sources in the SIEM follow the Common Information Model (CIM). Document the build of the SIEM solution Requirements:. Experience with Azure Sentinel SIEM platform.. University degree in information security or equivalent work experience. Minimum 4 years experience in a similar role. Preferred SIEM vendor certification of administrator. Experience and proficient in UNIX/Linux Open Locations :Hyderabad, Bangalore, Chennai, Noida, Pune, Kochi, Trivandrum

Monster