Job
Description
Job Overview St. Fox is looking for a proactive and seasoned L2 - Next-Gen SIEM Security Engineer to join our skilled team in Bengaluru/Pune. This onsite role involves direct collaboration at our esteemed customer's location, offering a stimulating environment with substantial opportunities to enhance your professional growth and technical expertise. You will be instrumental in the administration, management, and optimization of cutting-edge Next-Gen SIEM/EDR platforms, focusing on threat hunting, detection rule development, and fostering a strong security : Administer and provide comprehensive management support for CrowdStrike Next-Gen SIEM/EDR solutions, ensuring their optimal performance and configuration. Perform proactive threat research and threat hunting to identify emerging tactics, techniques, and procedures (TTPs) and translate these insights into actionable detection requirements using an intelligence-driven approach. Develop, thoroughly test, and deploy high-fidelity CrowdStrike Next-Gen SIEM detection rules to enhance the customer's security monitoring capabilities. Collaborate effectively with Security Analysts to create detailed playbooks for triage and response specifically for actionable high-fidelity detections, streamlining incident handling. Work closely with SIEM architects to develop and define best practices for parsing and normalizing data to a common event schema, ensuring consistency and usability of security logs. Build and maintain utilities and tools to enable the managed security services team to operate quickly, efficiently, and at a large scale. Analyze security data, such as logs or packet captures, from various sources within the enterprise environment and draw accurate conclusions regarding past and potential future security incidents. Develop and maintain clear, concise processes and documentation for all security operations, configurations, and incident response Skills & Qualifications : B.Tech/B.E/BCS, BCA with sound technical skills. Minimum 5+ years of hands-on experience supporting SIEM/SOAR platforms, Threat Hunting, and various Security solutions and technologies. Strong command of both verbal and written English language. Demonstrated ability to combine technical acumen with critical thinking abilities to solve complex security challenges. Strong interpersonal and presentation skills, capable of articulating technical concepts to diverse Skills : Certification in any of the SIEM platforms (Splunk, Sentinel, QRadar, Elastic SIEM). Certifications such as CEH (Certified Ethical Hacker), CompTIA Security+, CompTIA Network+, CCNA (Cisco Certified Network Associate). Direct experience with CrowdStrike products, particularly their SIEM/EDR capabilities. Experience with incident response processes and procedures. Knowledge of scripting languages for automation (e.g., Python) (ref:hirist.tech) Show more Show less
