
0.0 years

0 Lacs

jaipur, rajasthan, india

On-site

Job Description

Responsible for end-to-end implementation and configuration of SIEM (LogRhythm) and SOAR (Cortex) solutions across customer environments.

- Onboard diverse log sources (cloud, on-prem, endpoint, network) into the LogRhythm SIEM platform and normalize data (including supported and non-supported devices).
- Design and implement standard and custom detection rules, dashboards, and reports, including UEBA, NBA, MITRE, log-source-based and cross-correlation use cases.
- Collaborate with SOC, threat intel, TPM and internal teams to enhance security posture and streamline incident response.
- Troubleshoot log ingestion and parsing errors.
- Implement threat intelligence integration to enrich alerts and improve contextual awareness.
- Ensure compliance with security best practices and frameworks (e.g., MITRE ATT&CK, NIST).
- Provide documentation, runbooks and LLDs to the Operations team as part of handover.
- Stay current with emerging threats, tools, and technologies in the SIEM/SOAR ecosystem.
- Collaborate with the Assurance team to ensure smooth handover of projects; follow and adhere to defined

Responsibilities

- Design, implement, and maintain LogRhythm SIEM, Cortex SOAR, and LogRhythm UEBA solutions across cloud and on-premise environments.
- Collaborate with stakeholders to gather and analyze security monitoring and automation requirements.
- Onboard, parse, and normalize data from diverse log sources including cloud (AWS, GCP, Azure), EDRs, firewalls, proxies, and identity systems.
- Develop and fine-tune correlation rules, detection use cases, and alerting logic based on attacker TTPs (aligned to MITRE ATT&CK).
- Configure and customize UEBA models to detect abnormal user and entity behavior (e.g., data exfiltration, lateral movement).
- Integrate third-party threat intelligence feeds for enrichment and contextual detection.
- Conduct testing, tuning, and validation of detection and response logic to reduce false positives and improve fidelity.
- Provide Level 2 support for SIEM/SOAR/UEBA issues during the project delivery lifecycle and work closely with SOC, TPM and customer teams.
- Prepare technical documentation, runbooks and LLDs.
- Continuously monitor industry trends, product updates, and threat intelligence to improve detection coverage.

Desired Skill Sets

- Hands-on experience with SIEM platforms.
- Experience with SOAR platforms.
- Proficiency with UEBA solutions.
- Strong understanding of log parsing, normalization, and data onboarding using Syslog, APIs, agents, or collectors.
- Expertise in developing correlation rules, detection logic, and custom parsers.
- Experience building and maintaining OOTB SOAR playbooks for automated incident response.
- Familiarity with behavioral analytics, anomaly detection, and machine learning models in UEBA systems.
- Knowledge of network protocols, network logging, OS logging, endpoint telemetry, and cloud security logging (e.g., VPC flow logs, CloudTrail, Azure Activity Logs).
- OEM certifications; CEH, CompTIA Security+ or similar; CSP security certifications (e.g., AZ-500).

Posted 2 days ago
