SOC Admin
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job Overview
We re searching for a SIEM Admin to assist our client 24 7 managed security operations center. This role is in Security Engineering Department responsible for the strategic technical and operational direction of the Security Engineering. This job description is not intended to be all inclusive; the employee will also perform other reasonably related business/job duties as assigned. SHQ reserves the right to revise job duties and responsibilities as the need arises.
Responsibilities
- Having good knowledge on SIEM FIM IPS Network devices and TCP/IP model Ports
and Incident analysis. - Good verbal/written communication skills. Review of daily health Check: Log Rhythm Qradar and their components.
- Data Archiving and backup and data purging as per need and compliance.
- Evidence collection for audits and documentation of all activities performed and recorded.
- Raising Change management tickets for SOC Admin activities and incidents at ticketing tool.
- Helping L2 with required knowledge base details and basic documentations.
- Coordination with SOC Monitoring team on troubleshooting issues and highlighting it to L2 L3 for further resolution and escalation.
- High ethics ability to protect confidential information.
- Also creation of active channels reports lists filters modifying the rules (fair knowledge) and dashboard.
- Update and maintain SOC knowledge base for new security incidents and docs.
- Creation of daily status report sheet and submit to SOC Admin lead for review.
- Troubleshooting nonreporting devices and maintain device status reporting
- Troubleshooting issues occurred on daily health check system notifications
- Creating change request tickets for SOC admin activities issues and incidents.
Essential Skills
- Escalation points for SOC Monitoring team.
- Experience in SIEM administration and Event flow architecture and different types of logs generated by devices like Windows Proxy Network Devices Database etc.
- Good understanding of Firewall IDP/IPS SIEM functioning
- Providing Inputs and Assisting to Prepare HLD LLD
- Deep understanding of Windows DB Mail cluster VM and Linux commands.
- Knowledge of network protocols TCP/IP and ports.
- Team Spirit and working ideas heading to resolution of issues.
- Good verbal/written communication skills.
- Tools: Good knowledge on: SIEM (Log Rhythm Qradar ArcSight)
- FIM (Tripwire)
- IPS/IDS (IBM CISCO)
- Firewall (Checkpoint Cisco ASA PA
Experience:
3 Y
Remote Work :
No
Employment Type
Full Time
