Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Information and Event Management (SIEM)
Good to have skills : NA
Minimum 3 Year(s) Of Experience Is Required
Educational Qualification : BE BTECH MTECH
Summary: The Content Engineer/Team Lead will be responsible for โGoogle Chronicle" SIEM/ SOAR content development such as correlation rules, dashboards, reports, custom parsers, SOAR Playbooks. This involves researching and understanding security threats and vulnerabilities and translating that knowledge into actionable content that can be used to detect and respond to security incidents. Roles & Responsibilities:
- Expert in developing complex correlation rules, playbooks, policies, and custom parsers.
- Monitor the effectiveness of content and tune content to minimize false positives and maximize true positives.
- Conduct ongoing research and participate in industry forums and conferences to stay up to date with the latest security trends to ensure content effectiveness in detecting and preventing new threats.
- Automate content development and maintenance processes including the use of scripting and other automation tools to streamline content creation and testing.
- Design and implement security automation and orchestration workflows for areas such as incident triage, threat intelligence and vulnerability management using SOAR platforms, scripting, and API integration.
- Integrate security tools into the SOAR platform.
- Manage and analyze data related to security incidents, threats, and vulnerabilities to identify trends and patterns and use this to develop more effective workflows and improve overall security operations.
- Maintain detailed logs and reports of security automation and orchestration activities, including metrics related to workflow efficiency, incident response times and threat detection rates to provide internal and external stakeholders with updates on SOAR effectiveness. Professional & Technical Skills:
- At least 5+ years of experience in Information Security, Risk Management, Infrastructure Security.
- 4+ years of hands-on experience on developing use cases with deep understanding on SIEM configurations, SOAR Playbooks, log parsing etc.
- Expert in developing complex correlation rules, playbooks, policies, and custom parsers.
- Creation of customized dashboards, alerts, and reports.
- Good understanding of Regular Expression (REGEX), Yara L.
- Excellent verbal and written communication skills. Additional Information:
- Certifications such as ECSA, ITIL, GIAC-GCIA.
- Advanced Certification on any SIEM or SOAR products.
- Knowledge about scripting languages, Python, PowerShell. Education:
- Bachelorโs and above degree in Computer Science, Information & Technology, MIS, Engineering.
BE BTECH MTECH