Requirements:
Education
- ITC/Diploma/Degree in engineering/Computer Science / IT/Cyber Security from a recognized education institution
- Certification as an administrator of a leading SIEM would be a plus
- A professional security qualification (e.g. SANS GCIA, GCIH, etc.) is favorable although not mandatory
Technical Skills
- 8+ years of overall experience
- 5+ years of relevant experience managing SIEM platforms, preferably Splunk/ArcSight
- Hands-on experience with advanced SIEM and security analytics solutions, Linux, and databases (MySQL, Oracle/SQL)
- Very strong troubleshooting skills.
- Strong in providing operational support for SIEM and other security platforms
- Strong knowledge of syslog-based log management platforms
- Experience understanding end-to-end data flow
- Strong knowledge of OS, proxy, network and other mainstream infrastructure, application, access and cloud logs
- Strong knowledge of developing the custom parsers (regex) required to ingest any infrastructure- or application-based data feed
- Strong ability to optimize performance and resolve outages of SIEM solutions
- Experience in normalizing and preparing data to clean it
- Experience in data/device integration and in providing data back to other platforms
- Knowledge of SOAR platforms is an added advantage
- Experience in automation using scripting languages such as Python and shell
- Knowledge and hands-on experience implementing use cases would be an added advantage
Soft Skills
- Good written and verbal communication skills
- Process and procedure adherence
- Strong analytical and problem-solving skills
- Effective time management and organizational skills.