Siem Security Use Cases Architect - J. P. Nagar, Bengaluru, Karnataka, India - Engage ESM
Description
Publication Date:
Mar 31, 2023
Ref No: 420195
Location: J. P. Nagar, Bengaluru, Karnataka, IN
Role: SIEM Architect
Experience: 10-12 years
Job Location: Bangalore
JD:
Requirements:
1. Prior experience of content engineering (i.e. use case conceptualization or rollouts).
2. At least 8+ years in SOC/MSSP/MDR service delivery.

Responsibilities:
1. Analyse and understand global threats, attacks, breaches, incidents and evolving threats to identify potential detection approaches using the AIsaac platform, primarily as part of the rule engine / search queries. Also provide inputs to the AI/ML team on possible roll-out models/algorithms.
2. Lead continuous research and identification of threat detection use cases (threat detection rules) in AIsaac platform content: conceptualization of use cases for newer log sources, the evolving threat landscape, newer attacks and newer threat intelligence/advisories; threat modelling, threat vector analysis, and analysing red teaming activities from a detection perspective.
3. Publish articles/blogs/whitepapers on threat detection approaches in MDR on newer areas or threat detection capabilities.
4. Work with customer and operations teams on understanding and learning from past breaches/incidents, and improve use cases and threat detection mechanisms.
5. Continuous improvement of AIsaac (Atos's MDR platform) use case content by benchmarking against other MDR providers/platforms and global frameworks such as MITRE ATT&CK, CKC and so on.
6. Standardize UCs and make them available for global consumption across multiple MDR platform deployments.
Must Have:
1. Prior experience of security rules (use cases) conceptualization and rollout (in any SIEM).
2. Understanding of, and any work involving, the CKC and MITRE frameworks.
3. Understanding of vulnerabilities or any hands-on experience in security testing, vulnerability scanning, red teaming exercises and penetration testing.
4. Deeper understanding of threat scenarios, threat vectors and logs in order to identify new threats.
5. Log analysis for conceptualizing additional threat use cases.
6. Strong network fundamentals, security fundamentals and cloud exposure.
7. Understanding and hands-on experience in handling one or more SIEM / EDR / MDR products.