Job Description

Responsible for SIEM and SOAR platform (On-prem/SaaS) in terms of administration and management ( should be currently performing this role). Ensuring SOC platform and service uptime. Efficient management of the SOC platform to ensure proper performance. Log Source Integration to include development of custom parsers for non-supported log sources. Integration with other platforms like Threat Intelligence. Configuration of SOAR plugins, SOAR integration and SOAR Playbooks. Troubleshooting of the SIEM and SOAR platform. Coordinating with OEM TAC for Open issues for Platform and timely getting it resolved. Configuration of rules reports and dashboards based on inputs from monitoring team. Documentation of RCAs for major incidents Other skills required Ability to interact and manage customer stakeholders in the context of platform management. Good team working skills and communication. Technology and skills: SIEM: IBM QRadar OR LogRhythm OR Microsoft Sentinel OR Splunk OR other industry leading SIEM platforms SOAR: Paloalto Cortex XSOAR is preferred or any other industry leading product. Threat Intelligence and Brand Monitoring (Cyble, MISP, etc.) ISTM tools - Freshservice is preferred or any other industry leading product. Scripting: Regex is mandatory, Python (intermediate). OS: Windows and Linux (intermediate skills) Basic working knowledge of industry leading cloud service providers like Microsoft Azure, AWS, GCP, etc. Good knowledge of security domain is mandatory.