Security Engineers – (SIEM/SOAR/UEBA) (5 to 7 Years)
• Monitor consoles & dashboards of in-scope solutions and respond to reported incidents.
• Perform initial analysis for known issues and provide the appropriate recommendations for closure.
• Integrate new devices procured by the client during the contract period with SOAR for logging and alerting.
• Ensure compliance with Service Level Agreements (SLA), process adherence and process improvements to achieve operational objectives and mitigate threats.
• Monitor & report on the health of system components and take necessary action in case of any observed issue.
• Provide notification and communication with Incident Management and the respective application team upon threat detection.
• Maintain a suitable architecture for the supplied solution.
• Monitor and coordinate standard SOC activities such as backup and patching.
• Perform analysis on the reported incidents, determine the root cause, and recommend appropriate solution.
• Triage incidents based on an agreed threat matrix.
• Provide necessary support during forensic investigations and threat hunting.
• Hunt for security threats, identify threat actor groups and their techniques, tools and processes
• Perform analysis of security incidents for further enhancement of rules, reports, AI/ML models
• Using knowledge of the current threat landscape, threat actor techniques, and the internal network, analyze log data to detect active threats within the network. Build, document and maintain a comprehensive model of relevant threats to the client.
• Proactively identify potential threat vectors and work with the client's Security team to improve prevention and detection methods.
• Identify and propose automated alerts for new and previously unknown threats.
• Detect cyber-attacks, analyze the attack and take remedial action as per SLAs.
• Develop up to 35 parsing rules, if required, for any non-standard logs during the entire contract period.
• Create custom playbooks as per the client's requirements.
• Plan & perform changes as approved by the client.
• Plan & table all Requests for Change (RFCs) for the Change Advisory Board (CAB) meeting; issue an agenda and circulate all requests for change to CAB members in advance of meetings to allow prior consideration.
• Participate in all CAB and ECAB meetings (anticipated business risk, etc.).
...