SIEM Admin Lead - Mumbai, India - Saint-Gobain International IT Delivery Centre

    Saint-Gobain International IT Delivery Centre, Mumbai, India

    Description

    Responsibilities:

    Excellent understanding and proven hands-on experience in SIEM/SOAR concepts such as correlation, aggregation, normalization, parsing, playbooks, and layouts

    Experience with deploying and managing a large SIEM/SOAR environment

    Develop, implement, and manage execution of standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/SOAR platforms

    Create technical documentation around the content deployed to the SIEM/SOAR

    Create and develop correlation detection rules, reports, and dashboards within the SIEM solution to detect emerging threats

    Strong knowledge of frameworks such as the Cyber Kill Chain and adversary Tactics, Techniques, and Procedures (TTPs)

    Experience in using scripting languages to automate tasks in SIEM/SOAR

    Sound understanding of adjacent technologies such as PAM, CASB, EDR, email security, secure web gateways, and other threat detection platforms

    Collaborate with key stakeholders across technology, application, and cybersecurity teams to develop use cases that address specific business needs

    Create reports, dashboards, and metrics for CyberSOC administration KPIs, and present them to senior management and other stakeholders

    Manage and lead a team of 4-5 members; drive and align the team to achieve defined cybersecurity objectives

    Qualifications:

    Bachelor's degree in Computer Science, Information Security, EXTC or related field; relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are a plus

    Proven experience (6+ years) working within the Cybersecurity field, with emphasis on security platform implementation & administration

    Relevant experience (min. 3 years) managing a team

    Experience with Palo Alto XDR and Sentinel (preferred) and/or other SIEM platforms such as QRadar, Splunk, and ArcSight

    Experience with Palo Alto XSOAR (preferred) or equivalent SOAR platforms such as Resilient and Demisto

    Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is a plus

    Personal Skills:

    Systematic, disciplined, and analytical approach to problem solving, with thorough leadership skills and experience

    Excellent ability to think critically under pressure