Consultant | Security Information and Event Management (SIEM) | Mumbai | Cyber Defense & Resilience

Develop, test, and implement custom SIEM rules, correlation logic, and use cases to detect security threats.Continuously improve and tune existing detection content to reduce false positives and enhance detection accuracy.Build and maintain complex correlation rules, dashboards, and alerts tailored to organizational needs.Stay current with emerging threats and vulnerability trends, ensuring SIEM content is aligned with the latest threat intelligence.Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.Fundamental understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc.Active analysis on Security Vulnerabilities, Advisories, Incidents, and Attack techniques.Creating SIEM rules to fulfill requirements provided by customers in their security use cases.SIEM Administrator is responsible for maintaining clients SIEM appliance by making sure all SIEM deployment devices are working properly, efficiently and with desired performance.Inform L3 team of proactive and reactive actions to minimize false positivesIdentifying the risk for Infrastructure and executing the plan to reduce the risk.Driving End to End Internal and External Audits related tocontent management. Responsible to Perform detailed investigation on security log data events. Security Analysis using Industry standard tools and technologies. Preparing detailedrun book for each Use casefor creating theSOAR playbook Active analysis on Security Vulnerabilities, Advisories, Incidents, and Attack techniques.Have knowledge in device integration for log collection and developing custom parser for unsupported log source integration.Creating security Usecases and mapping it line to MITRE ATTACK and Cyber Kill Chain phases.