XSOAR Engineer


Job Description


As a SOAR Engineer, you will play a pivotal role in assisting our customers with seamless log migration and effective detection strategies. You will ensure the successful onboarding and ingestion of relevant log sources, adhering to industry best practices and meeting customer-specific requirements. Your responsibilities will also involve devising suitable detection strategies to fortify our customers' defences against threats, encompassing the design and implementation of correlation rules.

Job Role

  • Devise a comprehensive log ingestion strategy
  • Contribute to the development of detection strategies based on industry best practices
  • Articulate a step-by-step process to ensure the ingestion of high-quality log sources
  • Monitor and optimize log sources for optimal performance
  • Create meticulous and effective correlation rules
  • Fine-tune log sources and correlation rules to enhance system efficiency
  • Serve as the subject matter expert (SME) in SIEM and SOAR, correlation, and log source ingestion
  • Serve as a trusted advisor to end customers, offering consultative guidance and expertise in optimizing utilization
  • Leverage your in-depth knowledge of SIEM, SOAR and SOC practices to assess customer needs, provide tailored recommendations, and assist in the formulation of effective security strategies
  • Collaborate closely with customers to understand their unique challenges and objectives, translating them into actionable steps that enhance their security posture
  • Identify opportunities to enhance analyst alert handling through automation
  • Foster collaboration with internal and external teams to drive product adoption
  • Produce technical documentation detailing SIEM and SOAR aspects of the engagement

Candidate Profile

  • 6-10 years of hands-on experience in deploying and integrating SIEM and SOAR solutions within enterprise to large enterprise-level environments
  • Proficiency in coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring using SIEM platforms
  • Define, create, and maintain SIEM correlation and detection rules for effective alerting
  • Familiarity with a range of SIEM and SOAR technologies, such as Splunk, QRadar, ArcSight, Demisto, etc.
  • Proven experience in providing consultative services to end customers within the realm of cybersecurity, particularly in SIEM/SOAR and SOC domains
  • Demonstrated ability to comprehend customer requirements, analyze complex security environments, and deliver strategic recommendations that align with their goals
  • Strong expertise in regular expressions (regex)
  • Skill in understanding logs and locating relevant third-party documentation when required
  • Knowledge of generating reports on SIEM status, including metrics like logging source count, log collection rate, and other performance indicators
  • Understanding of security analysis and response, encompassing endpoint, network, and cloud-based environments, is a plus
  • Proficiency in comprehending and creating technical design documentation
  • Extensive experience with Security Operations Center (SOC) tooling and processes
  • Knowledge of Python scripting is highly desired
  • Industry-recognized qualifications (CISSP, GIAC, SIEM vendor qualification, etc.) will be a plus
  • BE/BTech in Computer Engineering / Electronics & Communications Engineering or their equivalent


Job Detail

  • Job Id: JD3205795
  • Industry: Not mentioned
  • Total Positions: 1
  • Job Type: Full Time
  • Salary: Not mentioned
  • Employment Status: Permanent
  • Job Location: India, India
  • Education: Not mentioned
  • Experience: Year