Lead Security Engineer - SIEM Technology

1. Ensure the day-to-day operations and maintenance of the organization's cyber security infrastructure and controls to protect systems, networks, and data.
2. Ensure coverage and effectiveness of security operations and deployed solutions
3. Ensure optimum security, availability, performance, and capacity of security solutions under management.
4. Configuration, Monitoring & Troubleshooting of SIEM, SOAR, UEBA, NBAD, Threat Intel, Deception etc. 5.Responsible for Firmware upgrades, closing of Audit points/Vulnerabilities, Creation of Security Policies, Fine tuning of exiting Policies, Configuration Backups, Event Log Monitoring, Threat Intel integration, Signature finetuning etc.
5. Ensure & maintain up-to-date documentation - SOPs, Architecture digrams etc. to remove dependency on people
6. Manage configuration changes and deployments according to established change management processes, ensuring minimal disruption and

adherence to best practices.

1. Ensure hardening, latest stable version and security patches of security devices and solutions
2. Track EOL/EOS and ensre that there no technology obsolescence.
3. Ensure resolution of incidents and outages, coordinating with internal teams and external vendors to restore service within agreed-upon SLAs.
4. Handle escalations and run the smooth operations of security solutions.
5. Identify & analyse pain areas in existing security operations & implement improvements
6. Handle operational issues which require design/technical inputs.
7. Ensure compliance with regulatory requirements, security policies, and security frameworks such as ISO 27001, NIST, or CIS
8. Publish the relevant dashboards and status updates. 16.Escalate deviations and violations in a timely manner.

IIIRequirements

1. Sound experience in managing SOC technologies and operations in a large and complex environment.
2. Should have sound understanding & knowledge of various SOC technologies & techniques like SIEM, SOAR, UEBA, NBAD, Threat Intel, Deception etc.
3. Should have hands on experience on SOC platform administration, LOG Source integration, Playbook, Usecase engineering, incident response techniques and technologies. Finetune, configuring and thresholds for SIEM and vulnerability tools.
4. Should have knowledge & understanding of IT infrastructure & networking technologies, operations and security principles. Ability to analyze endpoint, network, and application logs. Knowledge of various security methodologies and technical security solutions.
5. Should prepare and implement the use cases for SOC monitoring team able to provide proactive threat hunting to detect incidents.
6. Should have sound understanding about Threat Hunting, Mitigation and Response.
7. Strong understanding of Regulatory security guildelines & master directions and security frameworks such as ISO 27001, NIST, or CIS.
8. Should be well versed with ITIL and ITSM practices.

(d) Skills:

1. Exceptional analytical, conceptual thinking, Troubleshooting and problem-solving skills.
2. Strong leadership, negotiation, and conflict resolution skills.
3. Detail-oriented with a focus on quality and accuracy in project/service deliverables
4. Should have strong written, verbal and presentation skills.
5. Ability to perform under pressure, influence stakeholders and work closely with them to determine acceptable solutions.