SIEM Admin

As a SIEM Admin L2 & L3, your role will be crucial in the efficient management and administration of the SIEM platform. You should be hands-on and capable of independently delivering various tasks related to SIEM administration. Your responsibilities will include: - Taking ownership of the SIEM platform for administration and management, ensuring service uptime, and maintaining proper performance. - Managing platform upgrades, updates (KBs), and patches as per OEM requirements. - Capacity management of the platform and administration of the underlying infrastructure layer. - Integrating log sources, including developing custom parsers for non-supported log sources, and integrating with other platforms like Threat Intelligence. - Configuring SOAR plugins, performing advanced troubleshooting, and managing problem resolution with OEM. - Configuring rules, reports, and dashboards based on inputs from the monitoring team and documenting RCAs for major incidents. In addition to the key responsibilities, you should possess the following skills: - Ability to interact with and manage customer stakeholders regarding platform management. - Strong team working skills and communication abilities. - Proficiency in SIEM platforms like LogRhythm or other industry-leading platforms, SOAR tools, Threat Intelligence tools (Cyble, IzooLogic), and ISTM tools. - Mandatory scripting knowledge, particularly in Regex. - Intermediate skills in Windows and Linux operating systems. - Good understanding of the security domain. You should also be prepared to work in shifts and be available for weekend activities as required. The following qualifications and certifications are preferred: - Education Qualification: B.E/B.Tech/Msc/MCA/M.Tech/Bsc/BCA - Certifications: CISSP or CISM Please note that this role requires a minimum of 5+ years of experience in a similar position.,