SIEM Engineering

Agreeya Solutions India Private Limited
5-8 years
Not Specified

Job Description

USI Security Engineering Senior Consultant

Are you interested in improving the cyber and organizational risk profiles of leading companies? Do you want to be involved in projects ranging from SIEM / Security Operations Center (SOC) strategic development to maturity assessments to implementation of leading threat monitoring, detection and analytics technologies? Can you deal with changing requirements from project to project, learn what you need to get the job done, and produce accurate and timely results?

If yes, then Client's Cyber team could be the place for you. Client's Cyber services help organizations create a cyber-minded culture and become stronger, faster, more innovative, and more resilient in the face of persistent and ever-changing cyber threats.
Join our team of cyber professionals who focus on helping clients design and implement transformational enterprise security programs with an emphasis on defending against, recovering from, and remediating major cyberattacks.

We are currently hiring experienced talent at all levels, from more hands-on SIEM / SOC specialists through senior management and thought leaders. As a Cyber Senior Consultant for Client's Cyber services, you'll work with our diverse teams of leading professionals to help design and implement solutions to some of today's toughest cybersecurity challenges so they can achieve business growth and manage risk.

In your role as a Senior Consultant, you will support a team in delivering projects across a variety of cyber topics, including such examples as:
  • Increasing maturity of key fusion center/SOC capabilities across governance, people, processes and technology to proactively monitor, detect, investigate, and respond to known and unknown attacks
  • Driving complex deployments of SIEM solutions while working side by side with the customers to solve their unique problems across a variety of use cases
  • Scripting, regex and parser code writing to integrate various log sources with the SIEM tool for monitoring and analysis
  • Rule development in response to newly realized scenarios, attacks and IOCs (threat-focused approach)
  • Performing cyber threat research and knowledge acquisition activities covering malware, zero-day exploits, botnets, phishing sites, etc.
  • Monitoring system and network inspection tools (SIEM, IDS/IPS, etc.), identifying potential threats affecting the client environment, and generating client-specific threat reports as per the incident level defined for the organization
  • Providing Client's perspective on the latest SOC trends via current-state maturity assessment and a do now/do next/do later roadmap
  • Assisting clients in identifying and deploying security analytics and alerting solutions based on their organizational requirements, including technical integration with key data inputs (e.g. raw security telemetry coupled with referential data)
  • Developing actionable use cases to detect, triage, investigate and remediate based on the latest threat actor trends, including the actual technical implementation of parsing log sources and creating, validating and testing alerting queries to reduce false positives
  • Enhancing and documenting existing SOC processes to increase centralized visibility, in order to identify suspicious activity and reduce the mean time to detect and respond to cyber threats
  • Performing advanced intelligence research and threat research activities and documenting the threat details with potential implications and mitigation steps

Responsibilities
  • Demonstrate knowledge of fusion center and SOC market trends, competitor activities, and Client Touche's products and service lines
  • Interpret technical, operational, business, security, compliance and audit requirements and translate them into SIEM content for detection and analysis by the SOC
  • Drive development and implementation of fusion center and SOC strategies targeted at key client risk and business needs, enhanced by leading practices across people, processes and technology, including current-state assessments
  • Support the design and implementation of fusion center/SOC operating models, identifying, evaluating, and providing solutions to complex business problems via a threat-based approach
  • Collaborate across the entire client organization to bring access to product and technical teams, get the right solution delivered, and drive innovation gathered from customer input
  • Leverage previous experience, share best practices and create innovative solutions to push user adoption and maximize the value of the SIEM
  • Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements
  • Facilitate the use of technology-based tools or methodologies to review, design and/or implement products and services
  • Design and technically implement threat-based use cases in Security Information and Event Management (SIEM) and threat analytics systems
  • Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
  • Support effective project and program kickoff, identification of all program stakeholders, and definition and clarification of program roles and responsibilities
  • Track and communicate engagement performance and planning to client engagement management, ensuring project milestones remain on track and are completed in a timely manner, and escalate risks as appropriate
  • Participate actively in decision making with engagement management and seek to understand the broader impact of current decisions
  • Create and design effective presentations as a means of communicating project and deliverable progress to clients
  • Build and nurture positive working relationships with clients with the intention of exceeding client expectations
  • Execute advanced services and supervise staff in delivering basic services
  • Contribute to Client's thought leadership in client organizations and the external marketplace
  • Work cross-functionally with team members to support and drive a collaborative team environment
  • Actively mentor and train team members on fusion center/SOC processes, governance, and frameworks
  • Adopt a pragmatic approach to dealing with situations where confidentiality is important or where our work is of a sensitive nature. Helping maintain our Client's strong professional relationships is integral to our business.

Required
  • 5 years of work experience in one or more cyber areas around SIEM, SOAR, incident response, threat hunting and forensics
  • SIEM architecture design, implementation and maintenance, use case development, and log source integration experience
  • Proficient understanding of IT infrastructure and security architecture, network management, network security, log management, ethical hacking and security assessment tools, and relevant security technologies such as malware management, network forensics, flow analysis, IDS/IPS, etc.
  • Bachelor of Science/Business Administration with a concentration in Computer Science, Information Systems, Information Security, Math, Decision Sciences, Risk Management, Engineering (Mechanical, Electrical, Industrial) or other business/technology disciplines
  • Background and knowledge of general security concepts, such as defense-in-depth, least privilege, security architecture and design, threat modeling, etc.
  • Ability to demonstrate an investigative mindset: not just being able to execute a task, but being able to understand the reason for that task and determine next steps depending on the results, while maintaining a firm grasp of the overall goals of the entire process
  • Basic understanding of industry standards in operations, such as ITIL processes (e.g. change management, configuration management, problem management, incident management), Six Sigma standards, etc.
  • Excellent communication, listening and facilitation skills

Preferred
  • Experience interpreting, searching, and manipulating data within enterprise logging solutions, e.g. SIEM, IT Service Management (ITSM) tools, workflow, and automation
  • Ethical hacking and information security certifications such as OSCP, CEH, CISSP, SANS, etc.
  • SIEM certifications such as Splunk Architecture, Client ArcSight, IBM QRadar Certified, etc.
  • Certifications: CISSP, CISA, CISM, GCIH, GMON, GCDA, GPEN, GCFA, GCTI
  • Experience with consulting skills (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, etc.); has played a lead role in client engagements
  • Experience with scripting and programming languages
  • Demonstrated leadership and team-building abilities
  • Demonstrable personal interest in computing, security, and digital communication

Job Details

Function: IT