Primary Skill Sets: Python, Log Analysis, SIEM, JIRA, Ticket Management
Secondary Skill Sets: MITRE Framework, NOC, SOC, Playbooks
Summary:
Responsibilities of the Role:
- Learn the platform capabilities and internals to support and troubleshoot issues with detection content
- Triage customer tickets and provide technical support for issues in customer environments associated with detection content
- Provide on-call support during weekdays and weekends
- Proactively monitor reports and dashboards tracking content metrics from the field and flag issues
- Help generate or collect sample logs relevant for resolution of detection tickets
- Document RCAs for issues resolved
- Ensure detection content is sufficiently tested and validated before pushing to production
- Submit clear documentation around the detection content developed
- Responsible for maintaining policies and threat-models in the Securonix platform
Skills Required:
- At least 1 year of prior experience in building threat detection content for SIEM platforms like ArcSight, QRadar, Splunk, LogRhythm, etc.
- Understanding of the different MITRE ATT&CK matrices
- Strong fundamentals in network and operating systems concepts
- Experience working with offensive security testing tools
- Ability to automate basic tasks using scripting languages like Python
- Experience with Git- and SVN-based code management
- Strong written and verbal communication skills
Additional Skills (Good to Have):
- Prior investigations and response / SOC experience
- Information security professional certifications (OSCP, CEH, etc.)
- Developer or contributor to open-source attack or defense cyber-security tools
Benefits:
- Health Insurance with a total sum insured of INR 5,00,000
- Coverage: Self, Spouse, 2 kids, Dependent parents, or parents-in-law
- Personal Accident with a total sum insured of INR 10,00,000
- Term Life Insurance with a sum assured of 5 times fixed base pay for employees