2 Siem Tool Jobs

Responsible for operationalization of new security platforms to enable security operations Center to stay ahead of emerging and current threats. Security Information Event Management & Analytics Platforms integration Trellix SIEM(Mcafee) Build Co relation rules from different integrated sources that drive security analytics and incident response. Custom integration of Log sources and SIEM content development. Act as a Subject Matter Expert for Onpremise SIEM solution.. Configure and troubleshoot Mcfaee SIEM components and related functionalities. Plan and onboard different data sources such as: Windows, linux, AD, Firewall, other security tools integration. Candidates with prior experience of setting up security operations from scratch would have added advantage. Understand business requirements from the client and translate them into technical deliverables within Cyber Security domain. Creating parsers for Unknown events, Identify Security Events and Co Relation Rules. Manage the daily/weekly/monthly SOC metrics reporting for the assigned set of clients. Build custom use cases, dashboards, reports as per the requirement from client and internal stakeholders. Proven history of maturing SOC from Initial to Optimised level of CMM maturity model. Skills Required Must Have s 6+ years of experience in IT and 6+ years in Cyber Security. Hands on experience on On premise SIEM like IBM QRadar, Mcafee SIEM, Trellix SIEM including creation of custom queries, detection rules. SIEM Trellix SIEM, QRadar, Splunk Thorough understanding of various industry leading cloud native SIEM architecture, pricing and technical knowhow. Knowledge about various threat vectors and attackers TTPs. In depth knowledge of Active Directory. Excellent communication skills with ability to lead discussions with C level executives. Key Attribute Ability to work collaboratively in a fast paced environment. Continuous learner with a proactive approach to stay updated on industry trends. Strong problem solving skills and ability to make sound decisions under pressure. Customer facing with good written skills and strong communication skills at all levels. May be required to participate in out of hours on call rota. Ability to consistently deliver to deadlines while prioritizing competing demands for time. Qualifications Bachelors degree in information technology or related field. Relevant certifications (CISSP, CEH) Working knowledge on any other SIEM tool viz, Trellix SIEM, Splunk, QRadar etc.

About this role: Wells Fargo is seeking a Information Security Associate Manager In this role, you will: Establish execution of programs including risk management, vulnerability management, secure software development, and vendor management Maintain an awareness of the threat landscape companywide and provide security consultation in support of strategic planning and business development Lead implementation of complex projects and initiatives impacting one or more lines of business Develop and lead operational support for the information security programs including identity and access management, incident response and investigations, and disaster recovery and business continuity Make decisions that move significant opportunity to create advances in information security and efficiency and potential risk companywide Ensure compliance and risk management requirements for supported area are met and work with other stakeholders to implement key risk initiatives Manage a technical operations team Collaborate and consult with peers, colleagues, and managers Lead team to achieve objectives Interact with board, operating committee, management committee, executive management, and the Operational Risk Committee Manage allocation of people and financial resources for Information Security Analysis Mentor and guide talent development of direct reports and assist in hiring talent Required Qualifications: 2+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education 1+ years of Leadership experience Desired Qualifications: Bachelors or Masters degree in relevant Technology /Engineering discipline 2+ years of information security experience, 2+ years of experience in Leadership, cybersecurity Experience in Cybersecurity domain. Experience in correlating the interaction between different security areas not limited to the Day-to-day SOC Management, Emerging Threats, Integrating new technologies into the SOC monitoring framework, but other enterprise technologies as well. Experience in managing security operation center for multiple customers Excellent knowledge on SIEM Arcsight/SPLUNK. Excellent leadership, stakeholder management and program management skills. Demonstrated understanding and experience with information security threats, security operations fundamentals, MITRE and cyberkill chain frameworks. Experience in cybercrime investigation or fraud identification. Scripting language experience (e.g., Python, Perl, JavaScript, VBScript, etc.). Hands-on data analysis experience with tools such as SIEM Tool, Elasticsearch, Elk Stack, Kibana, InfluxDB, Chronograf, Hadoop, Infinispan, and other MapReduce and NoSQL technologies. Industry certifications like: CISM, CISSP, ISO 27001:2013LA Managed service delivery certifications like ITIL, Six Sigma will be beneficial Effective verbal, presentation, written and interpersonal communication skills. Accountable for forecasting, capacity planning, building high performing teams and monitoring the success of integrated service delivery. Strong attention to detail to ensure documentation, procedures, and information security operations-related information are accurate and consistent with generally accepted best practices and Wells Fargo policy.