Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary:
As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization.

Roles & Responsibilities:
1. Design and implement log integration solutions using Splunk to collect, process, and analyze log data from various sources.
2. Develop and maintain custom log parsing logic using Splunk's SPL (Search Processing Language) and regular expressions.
3. Integrate Splunk with various log sources, including applications, servers, network devices, and security systems.
4. Troubleshoot log integration and parsing issues, identifying and resolving problems quickly.
5. Collaborate with development teams to implement logging best practices and ensure log data quality.
6. Work with security teams to implement security monitoring and incident response solutions using Splunk.
7. Develop and maintain documentation for log integration and parsing configurations.
8. Stay up to date with Splunk best practices, new features, and industry trends.
9. Onboard new log sources to the SIEM system, including firewalls, intrusion detection systems, servers, and applications.
10. Develop and maintain documentation for log onboarding and configuration.
11. Collaborate with security teams to ensure log data is properly mapped to SIEM rules and alerts.

- 10+ years of experience with Splunk, including log integration, parsing, and analysis.
- Strong understanding of log data formats, including syslog, JSON, and XML.
- Proficiency in SPL (Search Processing Language) and regular expressions.
- Experience with log data sources, including applications, servers, network devices, and security systems.
- Strong troubleshooting and problem-solving skills.
- Excellent communication and collaboration skills.
- Ability to work in a fast-paced environment and prioritize multiple tasks.

Professional & Technical Skills:
- Must Have Skills: Proficiency in Splunk, including log integration, parsing, and analysis.
- Tool proficiency: Splunk
- Strong understanding of cloud security principles and best practices.
- Experience with security incident response and threat management.
- Familiarity with regulatory compliance requirements related to cloud security.
- Knowledge of security tools and technologies used in cloud environments.

Additional Information:
- The candidate should have a minimum of 5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Gurugram office.
- A 15 years full time education is required.