SOC - SIEM Engineer L3

Job Description: SIEM Engineer

Qualifications:

- BE/ B.Tech/ M.Tech/ MSc/ MCA qualification or equivalent

- At least one of the following certifications: GCFA, GCFE, CISP, CISSP, CCNP, CCIE Security, CEH

- 2+ years of experience in managing any SIEM tool

Responsibilities for SIEM Engineer:

- Create procedures, implement processes, and develop staff for managing and maintaining security systems across internal and client environments

- Participate in projects and project management as requested by customers or Micro Focus

- Design and generate data parsers as necessary to optimize data ingestion from a wide variety of devices including servers, firewalls, IDS/IPS, and VA appliances

- Facilitate SIEM tool change requests (upgrades, break fixes)

- Perform discovery and standards reviews of target environments

- Analyze environments and provide recommendations based on industry standards

- Review, design, and architect SIEM solutions for customers

- Test and improve SIEM use cases

- Interface with industry groups and present at associated conferences

- Provide input and guidance on service development

Qualifications for SIEM Engineer:

- Extensive experience in the design, implementation, and enhancement of an enterprise-level SIEM platform

- Significant experience with enterprise Windows and Linux-based architectures and security design

- Knowledge and demonstrable experience with Security Information Event Management systems (e.g., Securonix, Intel, QRadar, RSA, Splunk, or others)

- Ability to perform basic scripting tasks with Splunk to automate repeatable processes using Python, PowerShell, Perl

- SIEM Certified Admin Certifications

- Competence with command-line operating systems including UNIX and Linux

- Knowledge of various tools such as SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Remedy, Service Now Ticketing Toolset, Web Security, AV, UBEA, Advanced SOC