We are seeking candidates for a one-year contract position with the following responsibilities:
Data Parsing: Configuring data parsers to normalize and categorize log data for analysis.
Rule Creation: Developing and maintaining correlation rules to detect security incidents and anomalies.
User Access Control: Managing user roles and permissions for the SIEM platform.
Log Retention and Archiving: Defining data retention policies and ensuring log data is archived for compliance and forensic purposes.
Software Updates and Patch Management: Keeping the SIEM software up to date with the latest patches and updates.
Integration with Other Security Tools: Integrating the SIEM with other security tools such as intrusion detection systems (IDS) and vulnerability scanners.
Fine-Tuning: Continuously optimizing the SIEM to reduce false positives and improve detection accuracy.
Compliance Reporting: Generating reports and alerts to comply with industry standards and regulations.
Log Source Management: Adding new log sources as the organization's IT environment evolves.
Disaster Recovery Planning: Developing and testing disaster recovery plans to ensure the SIEM's availability during critical incidents.
Performance Monitoring: Monitoring the SIEM's performance and scalability, ensuring it can handle the volume of log data.
Log Data Storage: Managing the storage infrastructure for log data, including backups and data retention policies.
Threat Intelligence Integration: Integrating threat intelligence feeds to enhance the SIEM's ability to detect new threats.
Vendor and Support Management: Coordinating with SIEM vendors and support providers for technical assistance and updates.
Security Policy Enforcement: Ensuring that the SIEM helps enforce security policies and compliance requirements.
Log Evaluation: Evaluating logs from each log source and enhancing them.
Immediate joiners only, or candidates on 30 days' notice; available for an interview at any time.
Location: Thane Solace KSA Remote