Lead SIEM Analyst - Hyderabad, India - Blue Yonder

    Blue Yonder
    Blue Yonder Hyderabad, India

    1 week ago

    Default job background
    Description

    Scope:

    Lead SIEM analyst administer Plan, design, implement, monitor, Manage QRadar SIEM Tool that protect an organization's computer systems and data.

    The Enterprise Security team currently comprises of 30+ members and is expected to grow rapidly. The incumbent will need to have leadership qualities also to mentor junior security associates in our team.


    Technical Environment:

    Software:
    CEH. Strong Administration knowledge on QRadar, Endpoint Security, Web and Email

    and Cloud Security ProductsApplication Architecture : Enterprise Information Security -SOCWhat you'll do:End to End Management of SIEM (QRadar) and Splunk technology

    Setup and configure new QRadar tools and configure policies.
    Data source integration,SIEM administrationParser development,Content developmentUse case development.
    Report, and Dashboard configuration.
    Engage in Security incident life cycle phases.
    Develop the playbook for defined use cases for SOC analyst.
    Rule Creation, Building block creation and fine tuning.

    For all the about products candidate is responsible for

    Product UpgradesAct as POC for all product issues.
    Vendor Co-ordinationCo-ordinate with Stakeholder to troubleshoot any product related issuesPrepare SOPs, Ensure SLA is met.
    Provide Weekly and Monthly Metrics to the managementLead new projects independently

    What are we looking for:6 to 8 years of experience on SIEM tool IBM QRadar and Splunk.
    IBM QRadar SIEM administration and implementation.
    Strong skill set in Parser development for unsupported log sources/Custom log source integration.
    Log source integration with SIEM.IBM QRadar UBA administrationCandidate with Splunk ES experience will have additional advantage.
    Ability to multitask and work independently with minimal direction and maximum accountability.
    Must be proficient in scripting language PowerShell or Python.
    Intimate familiarity with Linux and windows platform and its command line utilities.
    Ability to reach to high pressure and challenging environment.
    Excellent customer service including strong written and oral communication skills.
    Bachelor's degree in Information Security/Systems or related industry experience.
    Certifications such as IBM Certified Associate Administration and/or IBM Certified Deployment Professional.

    Good to have:
    Performs detailed analysis of alerts and potential threats.
    Performs daily detect & response functions, working closely with SOC functions.
    Maintains and documents the security control procedure, SOP & Play-book.
    Participates in Forensic investigations and computer security incident response.
    Leverages internal and external resource to research threats, vulnerabilities and intelligence on various attack vectors and attack infrastructure.
    Strong knowledge on ITIL processes like Incident, Problem & Change Management. ITIL V3 Foundation certification will be given preference.