SIEM Admin Lead - Mumbai, India - Saint-Gobain International IT Delivery Centre
Description
Responsibilities:
Excellent understanding and proven hands-on experience in SIEM/SOAR concepts such as correlation, aggregation, normalization, parsing, playbooks, layouts
Experience with deploying and managing a large SIEM/SOAR environment
Develop, implement, and manage execution of standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/SOAR platforms
Create technical documentation around the content deployed to the SIEM/SOAR
Create/develop correlation detection rules, reports and dashboards within the SIEM solution to detect emerging threats
Strong knowledge of frameworks such as Cyber Kill Chain and Adversary Tactics, Techniques and Procedures
Experience in using scripting languages to automate tasks in SIEM/SOAR
Has a sound understanding of other technologies like PAM, CASB, EDR, Email Security, Secure Web Gateway, etc., and other threat detection platforms
Collaborate with key stakeholders within technology, application, and cybersecurity to develop specific use cases to address specific business needs
Creation of reports, dashboards, metrics for CyberSOC administration KPIs and presentation to senior management & other stakeholders
Manage and lead a team of 4-5 team members. Drive and align team to achieve defined Cybersecurity objectives
Qualifications:
Bachelor's degree in Computer Science, Information Security, EXTC or related field; relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are a plus
Proven experience (6+ years) working within the Cybersecurity field, with emphasis on security platform implementation & administration
Relevant experience (Min. 3 years) of managing a team
Experience with Palo Alto XDR & Sentinel (preferred) and/or other SIEM platforms like QRadar, Splunk, ArcSight
Experience with Palo Alto XSOAR (preferred) or equivalent SOAR platforms like Resilient, Demisto
Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is a plus
Personal Skills:
Has a systematic, disciplined, and analytical approach to problem solving with thorough leadership skills & experience
Excellent ability to think critically under pressure