PS Consultant - Security Information and Event Management
PS Consultant - Security Information and Event Management
Posted on :
15-09-2024
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Company Size
Largescale / Global
Experience Required
6 8 years
Working Days
5 days/week
Office Location
Uttar Pradesh Noida
Role & Responsibilities
- Devise a comprehensive log ingestion strategy
- Create meticulous and effective correlation rules
- Finetune log sources and correlation rules to enhance system efficiency
- Contribute to the development of detection strategies based on industry best practices
- Articulate a stepbystep process to ensure the ingestion of highquality log sources
- Monitor and optimize log sources for optimal performance
- Serve as the subject matter expert (SME) in SIEM and SOAR correlation and log source ingestion
- Leverage your indepth knowledge of SIEM and SOAR and SOC practices to assess customer needs provide tailored recommendations and assist in the formulation of effective security strategies
- Produce technical documentation detailing SIEM and SOAR aspects of the engagement
Ideal Candidate
- 6 years of experience in deploying and integrating (SIEM) to enterprise to large enterpriselevel
- Deep expertise with load transformation and correlation of sources such as Cloud Endpoint Firewall
- Coordinating and conducting event collection log management event management compliance automation and identity monitoring activities using (SIEM) platforms
- Architectlevel individual with experience in SIEM (Splunk Netwitness QRadar Arcsight etc.). Candidates with QRadar experience will be preferred.
- Ability to perform Threat Hunting exercises from telemetry.
- Extensive experience in creating and developing correlation and detection rules within a SIEM to support alerting capabilities.
- Strong Regular Expression skills.
- A proven ability to offer suggestions on detection strategy based on customer requirements.
- Knowledge of Security Analysis Response a plus including both endpoint network & cloudbased environments.
- Strong technical skills in SIEM / SOAR tools and technologies
- Experience in developing and implementing security strategies
- Experience in conducting security incident response
- Ability to define and design security controls based on NIST CIS CSA and other standards
- Certifications such as CISSP CISM GIAC SIEM Vendor Qualification would be a plus.
- Excellent communication and interpersonal skills.
cloud security,network security,security,cissp,soar,correlation,nist,cis,endpoint security,management,security incident response,correlation rules,threat hunting,giac,splunk,siem,security strategies,log sources,csa,cism,netwitness,cloud,qradar,regular expression
Employment Type
Full Time
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
