Lead SIEM Analyst

Overview:

• We are a leading AI-driven Global Supply Chain Solutions Software Product Company and one of Glassdoor’s “Best Places To Work India 2023”

• Lead SIEM analyst administer Plan, design, implement, monitor, Manage QRadar SIEM Tool that protect an organization’s computer systems and data.
• The Enterprise Security team currently comprises of 30+ members and is expected to grow rapidly. The incumbent will need to have leadership qualities also to mentor junior security associates in our team.

• Software: CEH. Strong Administration knowledge on QRadar, Endpoint Security, Web and Email and Cloud Security Products
• Application Architecture : Enterprise Information Security -SOC

• End to End Management of SIEM (QRadar) and Splunk technology
• Setup and configure new QRadar tools and configure policies
• Data source integration
• SIEM administration
• Parser development
• Content development
• Use case development
• Report, and Dashboard configuration
• Engage in Security incident life cycle phases
• Develop the playbook for defined use cases for SOC analyst
• Rule Creation, Building block creation and fine tuning
• For all the about products candidate is responsible for
• Product Upgrades
• Act as POC for all product issues
• Vendor Co-ordination
• Co-ordinate with Stakeholder to troubleshoot any product related issues
• Prepare SOPs, Ensure SLA is met
• Provide Weekly and Monthly Metrics to the management
• Lead new projects independently

• 6 to 10 years of experience on SIEM tool IBM QRadar and Splunk.
• IBM QRadar SIEM administration and implementation
• Strong skill set in Parser development for unsupported log sources/Custom log source integration
• Log source integration with SIEM
• IBM QRadar UBA administration
• Candidate with Splunk ES experience will have additional advantage.
• Ability to multitask and work independently with minimal direction and maximum accountability
• Must be proficient in scripting language PowerShell or Python
• Intimate familiarity with Linux and windows platform and its command line utilities
• Ability to reach to high pressure and challenging environment
• Excellent customer service including strong written and oral communication skills
• Bachelor’s degree in Information Security/Systems or related inLogdustry experience
• Certifications such as IBM Certified Associate Administration and/or IBM Certified Deployment Professional

• Performs detailed analysis of alerts and potential threats
• Performs daily detect & response functions, working closely with SOC functions
• Maintains and documents the security control procedure, SOP & Play-book
• Participates in Forensic investigations and computer security incident response.
• Leverages internal and external resource to research threats, vulnerabilities and intelligence on various attack vectors and attack infrastructure
• Strong knowledge on ITIL processes like Incident, Problem & Change Management. ITIL V3 Foundation certification will be given preference