Security Consultant - SIEM Administrator

8 - 13 years

7 - 11 Lacs

Posted: 5 days ago | Platform: Naukri

Work Mode

Work from Office

Job Type

Full Time

Job Description


- Should have work experience with multiple SIEM solutions and a deep understanding of SIEM architecture and components [mainly QRadar SIEM].
- Should have designed and deployed SIEM and SOAR solutions, primarily QRadar SIEM.
- Extensive experience in rebuilding and restoring SIEM and SOAR solutions and components.
- Should have experience in research and development of new correlation/MITRE-based use cases driven by new global trends.
- Should have extensive hands-on experience in SIEM and SOAR administration and troubleshooting [mainly QRadar SIEM].
- Must have extensive knowledge of new SIEM implementation and deployment with DC-DR and HA setup and configuration [mainly QRadar SIEM].
- Should coordinate with the Engineering Lead and ensure SIEM projects are delivered on time, in line with customer expectations and best practices.
- Excellent understanding and proven hands-on experience in SIEM concepts such as correlation, aggregation, normalization, and parsing.
- Act as the final escalation point for SIEM-related incidents and operational issues.
- Design, develop, and optimize advanced correlation rules, dashboards, reports, and custom parsers.
- Lead investigations of advanced and complex cybersecurity incidents and threats.
- Act as an escalation point for L1/L2 analysts for incident triage, analysis, and remediation.
- Experience in SIEM version upgrades, patch upgrades, and WinCollect version upgrades.
- Must have proven experience in log source integration and troubleshooting [DC and cloud].
- Strong skill set in custom log source integration and parser development.
- Should perform regular health checks and maintain the SIEM platform effectively.
- Should have work experience in UBA, including rules and tuning of the UBA app.
- Experience in use case conceptualization, configuration, and testing.
- Responsible for app installation, troubleshooting, and App Host management.
- Understanding of threat scenarios, threat vectors, and logs in order to identify new threats.
- Analyse existing SIEM rules to optimize threat detection and minimize false positives.
- Participate in client SOC strategy and planning, including capacity planning and the technology roadmap.
- Ability to multitask and work independently with minimal direction and maximum accountability.
- Coordination skills to collaborate with multiple technical and service delivery teams.
- Good to have: knowledge of investigating, documenting, and reporting on information security (InfoSec) issues as well as emerging trends.
- Good to have: experience in analysing security incident/alert trends and suggesting fine-tuning.
- Good to have: experience in investigating suspicious activities and containing and preventing them.

Required education

Bachelor's Degree

Preferred education

Bachelor's Degree

Required technical and professional expertise

- Minimum 8+ years of experience in the IT cyber security industry.
- Minimum 6+ years' experience in SIEM administration/engineering.
- SIEM technology: QRadar SIEM, Palo Alto XSIAM, Microsoft Sentinel.
- Should have a good understanding of networking, OSI, and TCP/IP concepts.
- Should understand cybersecurity controls and attacks.
- Understanding of the MITRE ATT&CK/NIST frameworks and attack methods.
- Good to have: cybersecurity certifications [SIEM administration, CEH, CompTIA S+].
- Should have a good understanding of the ITIL process.

IBM

Information Technology

Armonk