Jr. SIEM Admin
Publication Date: Apr 21, 2024
Ref. No: 506662
Location: IN
Location: Bangalore
Experience: 4 to 6 Yrs
- Good knowledge of SIEM, SIEM Architecture, SIEM health check.
- Deployment of SIEM in customer environment.
- Audit the SIEM in the customer environment.
- Troubleshoot issues regarding SIEM and other SOC tools.
- Good verbal/written communication skills.
- Building use cases for the customer.
- Configuring data archiving, backup and data purging as per need and compliance.
- Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc.
- Helping L2 and L1 with required knowledge base details and basic documentation.
- Co-ordination with L2 and SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation.
- High ethics, ability to protect confidential information.
- Troubleshooting at the device and connector/agent end to fix anomalies reported by other teams and observed on a day-to-day basis.
- Building incident reports and advisories, and reviewing whether the SLA has been met for incident alerting and incident closure.
- Update and maintain SOC knowledge base for new security incidents and docs.
- Creation of daily status report sheet and submit to SOC manager for review.
- Review advisories and implement necessary detection measures.
- Provide analysis and trending of security log data from a large number of security devices.
- Troubleshooting and fixing non-reporting devices and maintaining device status.
- Working with the OEM (tool support) to resolve the issue or incident raised.
- Administration of Windows and Unix servers.
- Building parsers for the SIEM using regex.
Ready to work in 24/7 shifts to support client requirements.