A Cyber SOC Analyst SIEM Integration plays a crucial role in safeguarding organizations against cyber threats by designing, enabling and implementing the gathering, analysis and interpretation of data to identify potential risks and vulnerabilities. Here's a detailed job description for such a role:
Overview:
As a Cyber SOC Analyst SIEM Integration specialist, you will be primarily responsible for the management of the SIEM platform, which includes the design and implementation of integrations into the SIEM, configuration of alerts and the processes for responses. This role is not limited to leadership for managing and leveraging the SIEM; you will partner with the SOC on related activities, which can include incorporating other intelligence from various sources, assessing its relevance and providing actionable insights to enhance our cybersecurity posture.
Key Responsibilities:
SIEM Deployment and Administration:
Manage the SIEM platform, including data ingestion, normalization and correlation rules.
Log Management and Analysis:
Gather, analyze and interpret security logs from various sources (servers, networks, applications, etc.) to identify potential security incidents and threats.
Threat Detection and Response:
Develop and implement security rules, alerts and dashboards to detect malicious activity and respond to security incidents in a timely manner.
Content Development:
Create and maintain SIEM content such as correlation searches, alerts, dashboards and reports to improve threat detection and analysis capabilities.
Security Monitoring and Analysis:
Continuously monitor the SIEM system for security events, analyze suspicious activity and investigate potential security breaches.
Data Source Integration:
Onboard, normalize and maintain a wide variety of data sources into the SIEM, including logs from various operating systems, applications, cloud environments and SaaS platforms.
Incident Response and Investigation:
Conduct in-depth investigations into security incidents, anomalies and breaches, leveraging SIEM capabilities for forensic analysis and evidence gathering.
Security Automation and Orchestration:
Implement automation and orchestration capabilities within the SIEM to improve the efficiency and effectiveness of security monitoring and incident response processes.
Collaboration and Communication:
Collaborate with other security teams (SOC, IT, network, application teams), business stakeholders and management to ensure effective security monitoring and incident response.
Documentation and Knowledge Management:
Maintain comprehensive documentation of SIEM configuration, operational procedures and security findings for knowledge sharing and audit purposes.
Qualifications:
Additional Information:
Note: Syngenta is an Equal Opportunity Employer and does not discriminate in recruitment, hiring, training, promotion or any other employment practices for reasons of race, color, religion, gender, national origin, age, sexual orientation, gender identity, marital or veteran status, disability or any other legally protected status.
Remote Work:
No
Employment Type:
Full-time