
SIEM Admin

Experience: 2.00 to 7.00 Years | Mumbai City | 11 Feb, 2021
Job Location: Mumbai City
Education: Not Mentioned
Salary: Not Disclosed
Industry: IT - Hardware / Networking
Functional Area: General / Other Software, Network / System Administration
Employment Type: Full-time

Job Description

  • Responsible for deploying, administering and fixing SIEM (ArcSight/QRadar, Splunk) components (ESM, ADP, Investigate, UBA, Indexers, Heavy Forwarders, Splunk Enterprise Security)
  • Responsible for on-boarding of log sources for supported and unsupported devices
  • Responsible for creating flex-development connectors for unsupported devices
  • Design HLD/LLD for customers based on experience, best practices and understanding of the customer environment
  • Responsible for working with the SIEM (ArcSight/QRadar, Splunk) content engineer to enhance security use-cases for the SOC environment
  • Responsible for the completion of the SIEM (ArcSight/QRadar, Splunk) roadmap along with other team members in the SOC
  • Responsible for working on and integrating Automated Incident Smart Response in the SOC
  • Supports definition and implementation of protocols to govern security assessment during on-boarding of new log sources
  • Data normalization and ETL within Splunk
  • Responsible for integration of logs and data feeds into Splunk through various methodologies, e.g. via syslog connectors, or utilizing DB Connect to pull data from on-site databases
  • Managing all Splunk plugin configurations, including ITSI and Enterprise Security
  • Managing and monitoring the Splunk infrastructure for capacity planning and optimization
  • Installation of search heads, deployment servers, indexers and the Enterprise Security App
  • Manage Splunk knowledge objects (Apps, Dashboards, Saved Searches, Scheduled Searches, Alerts, etc.)
  • Manage and report on the activities and performance of the regional SOC team
  • Provide input to the SOC policies and procedures and correspondingly evaluate and update regional SOC policies and procedures to ensure SOC personnel follow uniform processes
  • Verify all SIEM components are functioning optimally
  • Provides valuable insight and input to the identification of information security risk within the regional and brand enterprises and recommends priorities for risk mitigation
  • Assists with patching recommendations and solutions for zero-day threats
  • Coordinates with internal and customer stakeholders
  • Communicates with management on project progress and assigned activities
  • Responsible for mentoring other team members
  • Responsible for creating run-books for incident resolution and updating the incident response run-book database
  • Responsible for conducting KT for client teams and internal SOC teams
  • Develop content, analytics and detection around threat actors' tactics, techniques and procedures that is deliverable through our daily knowledge base updates

Keyskills: environmental impact assessment, data feeds, security risk, knowledge base, risk mitigation, capacity planning, enterprise security, information security, optimization strategies

© 2020 Skillindia All Rights Reserved