Splunk Admin /Developer Immediate Openings with LKQ India _ Bangalore

Hope you are doing good!

Excellent Opportunity with LKQ India (Fortune 500 Company & Nasdaq Listed) at Bangalore location.

Experience: 8 13 Years

Work Location: Bannerghatta Rd, Bangalore

Role:: Permanent

Job Description:

• Configure and Administer Splunk SIEM (Security Incident and Event Management) tool.
• Administer Email Gateway technologies (Microsoft Defender /Abnormal Security).
• Zscaler proxy log analysis and leverage for investigation.
• Crowdstrike Endpoint detection and response platform and policy management.
• Analyze and assess security incidents and escalate to appropriate internal teams for additional assistance.
• Responsible for investigating incidents, analyzing attack methods, researching new defense techniques and tools, developing security policy, and documenting procedures for SOC.
• Malware analysis and other attack analysis to extract indicators of compromise. Perform data security event correlation between various systems.
• Prepare reports, summaries, and other forms of communication that may be both internal and client facing.
• Periodic upgradation/creation of correlation rules based on emerging threats and requirement following MITRE Attack US-Cert and other TTP sources.
• Lead Information security analyst, having an experience of 4+ years in incident management, log analysis and troubleshooting of network and security related issues.
• Comprehensive management and technical experience in building and leading large-scale SOC (Security Operations Center)
• Strong hands-on experience in security management tools like Splunk Security Incident and Event Management (SIEM)
• Good experience in working/communicating with cross-functional IT infrastructure teams like network, system, database, application, security to build and manage effective security operations.
• Building Security Operations Center and/or Incident Response Team from scratch.
• Implementation-of and building-content-in technologies like SIEM, SOAR and Cloud Security Solutions.
• Building Security Metrics that will help customers/management to understand the effectiveness and gaps in Incident Management and over all Cyber Security posture.
• Working with customers – requirement gathering, on-boarding, technical discussions, report walk-throughs.
• Working alongside teams like Compliance and VAPT
• Exposure to related areas of cybersecurity including Host Security, Network Security, IAM, Vulnerability Management, Penetration Testing, Compliance etc.
• Develop security scope, KPIs, policies and procedures for various SOC activities.
• Defined workflows for the day-to-day operations of SOC
• Ensure timeline, scope, quality & resource is managed accordingly with committed deliverables. Developed Playbooks for analysis and incident remediation
• Participate in security design discussion with various teams (technical and management) and provide advice on how SOC can be used effectively. Installing, updating, upgrading SIEM solution.
• On-boarding log sources and working on log source issues.
• Create and fine-tune content in SIEM – Correlation Rules, Dashboards, Reports, Lists etc.
• Interact with SIEM vendor TAC (support) to fix any issues with SIEM.
• Mentor L1 and L2 security analyst. Assist in analysis of P1 alerts and alerts that require involvement of multiple teams.
• Evaluate new solutions for SOC team.
• Experience in creating reports and KPIs for C-level audience.
• Experience of Integrating tools with SOAR and designing incident response workflows in SOAR platform.
• Hands-on Experience in writing custom scripts (Python and Regex) for task automation.

Interested candidates, kindly fill up the below details and share updated resume to ajupendra@LKQCORP.com

Years of Experience::

Current CTC ::

Excepted CTC ::

Current Location ::

Currently you have PF / Provident Fund deduction with your company ? ::

Notice Period ::