Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

IBM SIEM Admin 
India, Maharashtra, Mumbai 
540367602

24.06.2024

Your Role and Responsibilities
This is level 2 role and would be responsible to support SIEM Management & content management for SIEM detection use-cases for the program. They would be overlooking technical services delivery for SOC program for your enterprise.
If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there’s no limit to what you can accomplish here.
  • Good knowledge of SIEM, SIEM Architecture, SIEM health check.
  • SIEM Rule creation and fine tuning, Deployment of SIEM in customer environment.
  • Define and design criticality of SIEM rules in line with customer ask and threat Intel advisory.
  • SIEM integration with enterprise tools / systems (various log source integration)– requisite for SLA monitoring, access & relevant client requirements
  • Troubleshoot issues regarding SIEM and other SOC tools.
  • Build of use case for the customer, Parser management and customer log sources.
  • Data archiving and backup and data purging configuration as per need and compliance.
  • Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc.
  • Helping L2 and L1 with required knowledge base details and basic documentations.
  • Co-ordination with L2 and SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation.
  • Work in a 24×7 Security Operation Centre (SOC) environment


Required Technical and Professional Expertise

  • Overall 4+ years of experience with minimum 3+ years’ relevant experience in SIEM.
  • B.E./ B.Tech/ MCA/ M.Sc. in Computer Science or IT
  • SIEM Rule creation and fine tuning, Deployment of SIEM in customer environment.
  • SIEM integration with enterprise tools / systems – requisite for SLA monitoring, access & relevant client requirements
  • Identify Problems from recurring Incidents, Communicating Emergency Alerts & Warnings to relevant/designated stakeholders.
  • Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists.
  • Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach.
  • Expertise in threat modelling, parser creation.
  • Good verbal/written communication skills.


Preferred Technical and Professional Expertise

  • Preferably OEM Certified SIEM Specialist + CEH.
  • Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work.
  • Intuitive individual with an ability to manage change and proven time management.
  • Proven interpersonal skills while contributing to team effort by accomplishing related results as needed.
  • Up-to-date technical knowledge by attending educational workshops, reviewing publications.
  • Any entrant or Professional skill on shell scripting, AIX, Linux.