L4 Technical Specialist - SIEM (10-15 yrs)

Our Client, A Leading IT Services company is looking out for a Technical Specialist - L4 - SIEM (QRadar/Arcsight/Logrhythm/MS Sentinel/Splunk) to be based at Chennai.

Requirement Brief :

We are looking for a resource with minimum 10 years' experience for the SOC Manager position with experience in two different skill areas (SIEM : IBM Q Radar(Mandatory) + NBA (Stealthwatch) / Firewall (Palo Alto) / EDR (Trend Micro) / DLP(Forcepoint).

Experience :

- Total experience of 10 years out of which minimum 7 years of experience in handling security related products & services in an organization of repute.

- Minimum experience of 2-3 years as L3 level.

Skills :

- Experience in 2 or more areas of security like (Firewall, Anti- ATP, NIPS, WAF, Anti-DDoS, Web proxy, endpoint & web DLP, NAC, Privilege Identity Management, NBA, MDM, EPP, EDR, Anti-ATP and other security devices).

- Person should have adequate knowledge of Security Orchestration Automation and Response (SOAR), Security Incident and Event Management (SIEM) solutions and Database Access Management (DAM) solutions.

- Overall knowledge/experience of Architectural Design and Best practices on Network and Cyber Security.

- Experience in construction of SIEM content required to produce Content Outputs (e.g., filters, active lists, correlation rules, reports, report templates, queries, trends, variables)

- Experience in packet level analysis

- Experience in Threat Hunting

- Experience in Designing and deploying use cases for SIEM and other security devices.

- Continuously monitor security alerts and events to identify potential security incidents or threats.

- Develop and implement incident response plans to address security breaches and mitigate potential damage.

- Conduct regular vulnerability assessment and penetration testing to identify and remediate security weaknesses.

- Mandatory Certification : At least one Security certifications PMP/ITIL expert/CISA/CISM/CISSP/CEH.