Talent.com
SOC Engineering Lead

Confidential
Bengaluru / Bangalore, Hyderabad / Secunderabad, Telangana
30+ days ago
Job description

Job Purpose and Key Responsibilities:

  • Handle different EDR and XDR tools.
  • Lead the deployment and implementation of SIEM solutions, ensuring they meet organizational security requirements.
  • Integrate various log sources into the SIEM platform, ensuring comprehensive data collection and analysis.
  • Perform updates and patches to SIEM systems, ensuring system scalability and availability.
  • Integrate the SIEM with other security tools, ensuring seamless data flow and interoperability.
  • Document configurations, processes, and procedures related to the SIEM platform to ensure clarity and consistency.
  • Create dashboards and custom reports for metrics and health monitoring.
  • Ensure the SIEM platform complies with relevant security standards and regulations.
  • Troubleshoot log collection and integration problems.
  • Monitor the performance of the SIEM platform, identifying and resolving any issues that arise.

Primary Role & Responsibilities:

  • Deep understanding of cybersecurity principles, threats and mitigation techniques.
  • Strong skills in analyzing security data and logs to identify patterns and anomalies.
  • Strong understanding of log collection, normalization and analysis.
  • Understanding of SIEM architectures and deployment scenarios.
  • Experience integrating SIEM with various log sources and security tools.
  • Hands-on experience installing and configuring SIEM solutions.
  • Ability to gather and understand security requirements for use case / detection rule creation.
  • Expertise in creating and modifying detection rules, correlation rules and alerting mechanisms.
  • Skills in fine-tuning and optimizing use cases / detection rules for performance and accuracy.
  • Expertise in developing detection rules on SIEM platforms such as Microsoft Sentinel, Sumo Logic, Google Chronicle.
  • In-depth knowledge of each phase of the Cyber Incident Response life cycle.
  • Expertise in Operating Systems (Windows / Linux) operations and networking technologies.
  • Familiarity with the Cyber Kill Chain and MITRE ATT&CK Framework and how to leverage them in Security Operations.
  • Ability to recognize suspicious activity / events and common attacker TTPs, and to perform logical analysis and research to determine the root cause and scope of incidents.
  • In-depth knowledge of one or more SIEM platforms like Microsoft Sentinel, Sumo Logic, Google Chronicle.
  • Strong troubleshooting skills to resolve issues related to SIEM deployment and operation.
  • Experience with databases like SQL, NoSQL and an understanding of data structures.
  • Experience implementing ETL solutions for log ingestion into SIEM, such as Cribl or Logstash.

Key Skills, Experience & Knowledge:

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field; advanced degree preferred.
  • Experience handling different EDR and XDR tools.
  • 5+ years of experience with different SOC tools and in handling SIEM solutions.
  • Experience configuring SIEM platforms.
  • Proficiency in various OS environments such as Windows, Linux and Unix.
  • Ability to configure log sources, parse logs and understand correlation rules.
  • Familiarity with the Cyber Kill Chain and MITRE ATT&CK Framework and how to leverage them in Security Operations.
  • Familiarity with ETL solutions.
  • Understanding of network architecture and network security fundamentals.
  • Proficiency in scripting languages (e.g., Python, Bash, PowerShell).

Key Skills / Knowledge:

  • Certified in Security+, Splunk Certified Phantom Admin, IBM Certified Deployment Professional, Cortex XSOAR Engineer, Azure Security Engineer or any other SOAR / Cloud related certifications.
  • Understanding of the MAGMA use case framework.
  • Experience working with diverse teams; a team player.
  • Previous experience in a Security Operations or similar environment.

Key Relationships & Contacts:

  • Digital Leadership Team
  • ICS Leadership Team
  • Business Stakeholders
  • Digital Programme / Portfolio Managers in all functions

Skills Required:

  • SOC
