TCL - SIEM Implementation - FTE

Job Location

Chennai - India

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

Please share CVs by tomorrow. It's very critical. Upload the CVs in the below JR and check duplicates.

JR:
Designation: Assistant Manager
Role: SIEM Implementation
Experience: 3 Years
Max CTC: 18 LPA (Including 12% variable pay)
Notice Period: Any
No. of openings: 1
Location: Chennai (All 5 days office)

Mandatory Skill:

LogRhythm Implementation experience

Note: Monitoring/SOC analyst profiles are not suitable for this role.

Job Description

The SIEM Architect works as an engineering team member of Managed Security Services (MSS). The candidate should possess deep technical knowledge of several security technologies and have a solid understanding of information security and networking. The MDR Engineer serves as an L3 SPOC for MSSP SIEM (primary for LogRhythm, FortiSIEM & ArcSight), EDR, NDR & other security platform management & engineering tasks, performs configuration and testing of products, assists with developing and documenting work processes, and trains other members of the team. The primary focus for this role is to act as a Subject Matter Expert for SIEM, NDR and EDR platforms (Microsoft Sentinel/QRadar/LogRhythm/ArcSight/FortiSIEM) and to be able to configure, manage, operate and administer the platform for managed SIEM.

Responsibilities

* Ownership of the MDR Cloud SOC platform, including SIEM, EDR and other security solutions for MSSP.

* Solution architecture, design, deployment, configuration, troubleshooting, operations and maintenance of infra, network and supporting software related to the Cloud SOC environment.

* Responsible to manage end to end platform engineering for Cloud SOC solutions.

* Deployment of new MSSP SIEM Integrated solutions with other MDR components.

* Troubleshooting technical issues and maintaining stability of the platform.

* Evaluate new platforms for MDR by performing end-to-end POC and validate the efficacy in detail. (Evaluation includes, and is not limited to, SIEM, EDR, XDR, SOAR, NDR, UEBA etc.)

* Creating custom parsers & log source onboarding.

* Responsible to own the design & service documentation for the MDR services.

* Responsible for cross integrations with different security solutions using API and other methods.

* Design cloud SOC platform with optimized sizing as per business requirements with resilience model.

* Manage product enhancement / feature requests with vendors as needed.

* Performing optimization on the platform to increase overall performance.

* Carrying out capacity management for the platform.

* Keep MDR demo infra up to date to showcase Simulate, Detect & Respond flow end-to-end use cases.

* Engage in customer demo to showcase technical coverage on MDR service and its values.

* Responsible for integrating SIEM with external integrations for Threat Feeds, Vulnerability data & Management, ITSM and SOAR in an optimized and resilient way.

* Should have scripting knowledge for automations and bring value.

* Create innovative solutions to automate and reduce timeframes for operational changes as well as delivery of the platform.

* Plan and drive customer migrations from existing or on-premises platforms to the new Cloud SOC platform and standardize the process for delivery.

* Effective interpersonal skills, out-of-the-box thinking and ability to work with all levels of staff.

* Maintain strong attention to detail and troubleshooting skills, communicating effectively across various stakeholders and security teams.


Desired Skill sets

  • Experience in security architecture design, deployment, administration, troubleshooting & migrating SIEM & MDR systems (in both enterprises and MSSPs) and exposure to customer onboarding & the incident management lifecycle.
  • Experience with various SIEM security products, with preference for LogRhythm, ArcSight and FortiSIEM. Knowledge and experience of other solutions like Microsoft Sentinel and QRadar, and infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc., is an additional advantage.
  • Strong understanding of infra management, VMware, hypervisor, storage management etc.
  • Experience working with internal and client ticketing and knowledge base systems for incident and problem tracking, as well as procedures.
  • Platform engineering & vulnerability management.
  • Capacity management skills to manage MSSP platforms.
  • Strong custom log parsing skills.
  • Strong log source onboarding skills with different techniques.
  • Good scripting skills to bring in automation & other value adds.
  • Experience working with networks and network architecture.
  • Good experience in security architecture, designing, solutioning & implementation for different security solutions.
  • Prior experience working closely with product and DevOps engineers on security requirements.
  • Experience in security product evaluation and creating complete, detailed technical POC reports.
  • Must have good security knowledge; any one certificate below is an advantage (GIAC, CISSP, CCSK, CCSE, CISA, HBSS, NSA, Cisco Security, Security and other SIEM vendor security certifications).
  • Proficiency in core security concepts, including cloud skills, networking and architecture.
  • Understanding of VM creation, LUN mapping & storage alignment activities.

Employment Type

Full Time

Company Industry
