Legion SIEM Subject Matter Expert - Gurgaon, India - Innowrap Technologies
Description
We are seeking a Subject Matter Expert (SME) for its Legion SIEM/EDR/XDR security product line.
This individual has extensive hands-on experience with:
- EDR Solutions (Crowdstrike, SentinelOne, CarbonBlack, and eventually our Legion SIEM
- EPP Solutions (Cylance, McAfee, Symantec, and eventually our Legion SIEM solution)
- SIEM/log management (ArcSight, QRadar, Splunk, Securonix, and eventually our Legion
- UEBA/User and Entity Behavior Analytics
- Security Orchestration and Response (SOAR)
- Incident response and/or threat hunting
- Cyber security (endpoint, network, frameworks, etc.)
- Troubleshooting large scale and complex issues related to the above
testing cases, compelling sales demos, proof of concept success criteria as well as provide direct
hands-on assistance for large scale customer implementations from a Level 3 and 4 support
solve complex troubleshooting problems. However, the individual's focus is initially on internal
support rather than external support.
partners to provide technical enablement, scope, enable and support related opportunities. This
includes working with OEM providers for routers, firewalls, and other endpoints to ensure that our
Legion SIEM parsers are kept up to date.
This is a great opportunity to be an integral part of a growing team that is currently working on
building a next-generation SIEM solution.
We are looking for a talented, self-motivated, and passionate engineer who can work and support
internal teams and eventually support external customers to achieve business objectives.
Responsibilities include, but are not limited to:
- Be the thought leader in data platform and pipeline
- Work closely with Castle Shield's Technical Account Managers (TAMs) to ensure customers'
and long-term needs are met
- Support data onboarding and customer installation (SIEM) for
- Work closely with Product Development engineers in whiteboarding sessions to provide
the SME will eventually lead this effort)
- Work closely with Product Managers to ensure urgent and important requirements are
- Monitor and assess CVEs to determine if the Legion SIEM rules need to be created or
- Understand customers' endpoint security needs to help them solve those needs with team member support as required
- Assist customers with product installation, setup, configuration, and problem escalation via
- Maintain vigilance with the cybersecurity industry and competitive landscape to influence
basis)
- Contribute to the development of product related sales enablement packages and product
- Act as a mentor for the SOC and SIEM Configuration team members
Required Skills:
- 5+ years of hands-on experience in the IT security industry
- 3+ years of experience in at least one of the following SIEM platforms: ArcSight, QRadar,
- Endpoint security and related products (EPP, EDR, AV, HIPS)
- Security threat intelligence; types, providers, formats, and implementation in large scale
- Incident response and threat hunting techniques using data correlation / ML across
- Working knowledge of one or more threat models: MITRE ATT&CK, diamond, Lockheed
- Technical proficiency in Windows, Linux, and/or macOS
- Strong troubleshooting skills
- In depth experience in data lakes and related ecosystems
- Project management experience
- Prior experience supporting enterprise customers
- Excellent written skills (whitepapers, technical documents, and blogs)
- Excellent interpersonal and presentation skills
Additional Skills Desired:
- Security focused presales engineering experience
- Experience with machine learning / artificial intelligence
- Experience with vulnerability management, secure configuration management, policy
- Experience with coordinating and communicating across multiple time zones
Job Type:
Temporary
Salary:
₹120, ₹130,000.00 per month
Schedule:
- Day shift
- Morning shift
Ability to commute/relocate:
- Gurgaon, Haryana: Reliably commute or planning to relocate before starting work (required)
Experience:
- total work: 1 year (required)