Microsoft Sentinel, ELK in SIEM administration - SOC (3+ yrs)

3 - 5 years

6 - 7 Lacs

Posted: 4 months ago | Platform: SimplyHired

Work Mode

On-site

Job Type

Full Time

Job Description

Dear Connections,

SOC Analyst

Mandatory Skills: ELK stack for SIEM, Microsoft Sentinel (must)

Experience: Minimum 3-5 years of experience in enterprise Elasticsearch, Kibana and Logstash (ELK stack for SIEM) administration, including designing, deploying and managing SOC environments and deploying Microsoft Sentinel Content Hub solutions.

  • Configuring analytics and dashboards in ELK and Sentinel.
  • Working experience in Linux, open-source products and cloud applications is a must.
  • Relevant certification on a current track such as CEH/ECE/SIEM administration will be an added advantage.
  • Flexible to work in a 24x7 support environment.

Key Responsibilities:

  • Understand the requirements from customers / internal stakeholders for implementing Elastic Stack SIEM in on-prem or SaaS environments.

  • Configuring the ELK stack with full high availability and maintaining it.
  • Configuring the Azure stack with Sentinel for threat detection and analysis.
  • Fine-tuning Elasticsearch, Kibana and Logstash for better performance.
  • Understand the requirements and expectations of customers.
  • Ensure logs are parsed and indexed according to industry standards.
  • Should be well versed in data models and query optimization.
  • Build dashboards for reporting metrics to customers and internal stakeholders.
  • Using scripts (Python, shell and Salt) for optimizing the environment.
  • Onboard new customer data sources and parse the data for monitoring.
  • Automating rules and queries.
  • Customize Elasticsearch queries, filters and visualizations for quicker results.
  • Help Level 1 and Level 2 security analysts with investigations and analysis of incidents.
  • Document all requirements for supporting internal / external customers.
  • Collaborate with other teams on onboarding devices into the ELK stack.
  • Ensure quality of case documentation, and that SLA timeframes and operational metrics are met by team members.

Technical Skills:

  • Strong knowledge of Windows, Linux, networking, storage, VMware and SAP administration.

  • Troubleshooting experience in enterprise environments.
  • Strong understanding of OS, patch and security update management.
  • Disaster Recovery planning and conducting DR tests.
  • Responsible for issuing Standard Operating Procedures to the incident management team.
  • Prepare service delivery reports and participate in customer meetings.
  • Routine performance analysis, capacity analysis and security audit analysis reports to customers for necessary planned changes.
  • Linux vulnerability assessment and mitigation.
  • Knowledge of patch deployment solutions: Red Hat Satellite, Salt.
  • Working knowledge of NonStop servers.

Job Types: Full-time, Permanent

Pay: ₹600,000.00 - ₹700,000.00 per year

Work Location: In person
