Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must-have skills: Security Information and Event Management (SIEM)
Good-to-have skills: NA
Minimum experience: 3 year(s)
Educational qualification: 15 years of full-time education
Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges.

Roles & Responsibilities:
- Monitor and analyze security alerts from SIEM platforms and other threat detection systems to identify potential security incidents, following established processes.
- Design and optimize complex search queries; create and maintain custom dashboards, alerts, and reports to improve visibility and detection capabilities.
- Collaborate with IT, infrastructure, and application teams to manage and resolve security incidents effectively.
- Lead and participate in security incident response activities, ensuring accurate documentation and closure of incidents.
- Improve SOC operations by enhancing processes, developing playbooks, and updating standard operating procedures (SOPs).
- Mentor and support junior analysts by providing guidance and resolving escalated alerts.
- Conduct deep-dive investigations into advanced or persistent threats and track incidents through to resolution.
- Actively participate in and lead client meetings, providing technical input and updates on ongoing incidents or improvements.
- Identify and reduce false positives through alert fine-tuning and continuous rule optimization.
- Apply knowledge of threat models, threat intelligence, and attacker techniques (e.g., MITRE ATT&CK) to enhance detection strategies.
- Administer core SIEM components, including deployment servers and indexers, ensuring high availability and performance.
- Contribute to building and enhancing detection content, such as correlation rules and threat detection logic.

Professional & Technical Skills:
- Experience working as a SOC analyst.
- Strong understanding of tools such as SIEM platforms, CrowdStrike, Microsoft Defender, Proofpoint, Azure, and IDS/IPS.
- Strong understanding of TCP/IP, DNS, DHCP, HTTP/HTTPS, and VPN.
- Basic understanding of Windows and Linux command-line tools.
- Log analysis from operating systems, firewalls, etc.
- SIEM/SOC operations experience for very large enterprises.
- Knowledge of the MITRE ATT&CK and Cyber Kill Chain (CKC) frameworks.

Additional Information:
- The candidate should have a minimum of 3 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- 15 years of full-time education is required.
Beware of fraud agents! Do not pay money to get a job.
MNCJobsIndia.com will not be responsible for any payment made to a third party. All Terms of Use are applicable.