KEY ACCOUNTABILITIES
- Administer and maintain SIEM and SOAR platforms, including configuration, tuning, and updates.
- Onboard log sources into the SIEM platform, enhancing our security monitoring capabilities.
- Develop and implement correlation rules to detect potential security threats as per the current threat landscape.
- Design, implement, and maintain SOAR solutions to automate incident response workflows.
- Collaborate with cross-functional teams to integrate SOAR with existing security tools and processes.
- Develop playbooks for incident response and ensure regular testing and updates.
- Provide recommendations for security use-case and SOAR playbook creation and optimization for any new or existing systems.
- Analyse and integrate threat intelligence data in SIEM and SOAR to enhance detection capabilities and incident response.
- Stay current with emerging threats and vulnerabilities, integrating relevant intelligence into security practices.
- Create and maintain documentation for SIEM and SOAR configurations, procedures, and playbooks.
- Generate regular reports on security incidents, trends, and metrics for management review.
- Provide training and guidance to team members on SIEM and SOAR best practices.
- Document all incidents, investigations, and analysis activities accurately and thoroughly.
OTHER
Act as an ambassador for DP World at all times when working; promoting and demonstrating positive behaviours in harmony with DP World's Principles, values and culture; ensuring the highest level of safety is applied in all activities; understanding and following DP World's Code of Conduct and Ethics policies. Perform other related duties as assigned.
QUALIFICATIONS, EXPERIENCE AND SKILLS
Knowledge and Experience
- Bachelor's Degree in Computer Science or equivalent.
- Should have 8-10 years of experience in IT Security, with at least 6 years' experience in managing SIEM and SOAR solutions, including log onboarding and creation of automated playbooks.
- Technical and hands-on experience across Cyber Security and technology domains.
- Strong hands-on experience with SIEM and SOAR solutions.
- Understanding of security frameworks and compliance regulations.
- Proficiency in scripting languages (e.g., Python, PowerShell) for automation purposes.
- Excellent analytical and problem-solving skills, with the ability to communicate technical concepts to non-technical stakeholders.
- Strong understanding of the Cyber Kill Chain, pervasive threats, attack methods and remediation.
- Industry-recognized professional certifications: CISSP, GIAC, NSE or Microsoft Azure.
- Good understanding of E-commerce, logistics, supply chain and port operations applications will be an added advantage.
Soft Skills
- Sound analytical and intellectual capabilities.
- Excellent time management and organizational skills.
- Decision-making abilities.
- Team player with conflict management skills.
- Ability to multi-task, prioritize, coordinate, and work well under pressure to meet deadlines.
- Strong interpersonal and communication skills; ability to work in a team environment.
- Cultural awareness.
- Must possess excellent reporting skills.
Technical Skills
- Knowledge of Security Information and Event Management (SIEM) and Security Orchestration and Automation (SOAR) solutions.
- Hands-on experience with the Azure Sentinel SIEM solution and the FortiSOAR platform is desired.
- Experience with log onboarding on a SIEM solution.
- Experience with automated playbook creation on a SOAR platform.
Locations - Bangalore, Karnataka, India