Consultant | Security Information and Event Management (SIEM) | Delhi | Cyber Defense & Resilience

Position Title: L1 Engineer Department: Security Operations Experience required :2-4 Years | consultant-----------------------------------------------------------Position Overview: We are seeking a detail-oriented and proactive LogRhythm L1 Engineer to join our security operations team. As a Level 1 Engineer, you will be responsible for monitoring, triaging, and responding to security events and alerts using the LogRhythm Security Information and Event Management (SIEM) platform. You will play a critical role in identifying potential security incidents, ensuring timely escalation, and supporting the team in maintaining an effective security posture.Key Responsibilities:- Log Monitoring and Event Analysis:- Monitor and analyze security event logs from various systems, devices, and applications via the LogRhythm SIEM platform.- Respond to and investigate security alerts generated by LogRhythm, assessing the severity and impact.- Identify and escalate potential security incidents based on predefined criteria, ensuring appropriate action is taken.- Incident Triage and Response:- Perform initial analysis on security alerts to determine if they are false positives or require further investigation.- Classify incidents based on their severity and impact, following standard operating procedures for escalation.- Collaborate with higher-level engineers and security teams to investigate and resolve security events.- Reporting and Documentation:- Maintain accurate and timely documentation of security events, incidents, and actions taken.- Assist in generating daily, weekly, and monthly security reports for internal stakeholders.- LogRhythm Platform Management:- Assist in the maintenance and configuration of LogRhythm SIEM, ensuring proper data ingestion, parsing, and normalization of logs.- Support continuous improvement of detection and alerting capabilities by working closely with senior engineers to refine detection rules, correlation rules, and use cases.- Collaboration and Communication:- Work closely with other security engineers, SOC analysts, and incident response teams to ensure effective incident resolution.- Communicate findings clearly and effectively to both technical and non-technical stakeholders.- Knowledge Sharing and Development:- Stay up to date with the latest security trends, vulnerabilities, and technologies to enhance the organization's security monitoring capabilities.- Participate in training and development to increase expertise in security operations and the LogRhythm platform.Skills & Qualifications:- Technical Skills:- Hands-on experience with LogRhythm or other SIEM platforms (such as Splunk, QRadar, or ArcSight) is highly desirable.- Basic knowledge of networking protocols (TCP/IP, HTTP, DNS, etc.), firewalls, intrusion detection/prevention systems (IDS/IPS), and other security technologies.- Familiarity with common security tools, including antivirus, EDR, and vulnerability management tools.- Experience:- Prior experience in a Security Operations Center (SOC), IT security, or incident response role is preferred, but not required.- Experience in event log analysis and understanding of common attack vectors and techniques.- Soft Skills:- Strong analytical and problem-solving skills.- Excellent communication skills, both verbal and written.- Ability to work effectively under pressure and handle multiple tasks simultaneously.- Certifications (Preferred but not required):- CompTIA Security+, CEHor similar certifications.- LogRhythm Certified Security Analyst or other SIEM-specific certifications are a plus.Education: - Bachelors of Technology in Computer Science, Information Security, or related field, or equivalent work experience.