
SOC/SIEM Administrator

Castellum Labs

2 - 5 years

Hyderabad

Posted: 19/03/2026


Job Description

We are hiring SOC Admins / SIEM Admins / SOC Engineers!


For Experienced Candidates --

These positions will work on the engineering and infrastructure of an advanced SIEM/SOC solution stack for collection, high-scale storage, correlation, alert triggering and incident life cycle management. You will be using OpenSearch, Cortex, ELK and many more technologies for the base/foundation, and advanced Python and AI/ML components for detection engineering, deep correlation and incident response. This role combines engineering, infrastructure administration and cloud infrastructure engineering into one.


For Trainee Candidates --

These positions are remote for the first six months and then onsite (Hyderabad). All trainees will be trained to work on our SIEM/SOC stack, covering rule configuration, alert configuration, dashboards & visualizations, incident runbook maintenance, incident automation and component development for the stack.


Number of Positions - 5

Location - Hyderabad Castellum Office (CLabs Global SOC Centre)

Experience Needed - Self-learned/self-initiated work on Linux, Cloud, Security and Shell/Python

Preference - People from a strong networking & sysadmin background who want to transition to security

Condition - Strong interest in cyber security admin/automation/engineering with demonstrable work pieces

Certifications Needed - None



Requirements for Experienced Candidates --

  • You should have worked extensively on OpenSearch, ELK, Cortex and other open source tools
  • You should be very familiar with alert configuration, detection engineering & correlations
  • You should be willing to learn under pressure and not have time constraints
  • You should have worked on building multiple solution stacks in security
  • Cloud, infra, Linux and shell are some of the words that should excite you
  • You should have worked on and explored Linux during the last two years
  • You should know GitHub well and should have used some tools from git
  • You should have a basic grasp of cyber security fundamentals
  • You should have some basic knowledge of shell & Python
  • You should have a good enough understanding of different types of cyber attacks
  • You should know threat intelligence and its application to SOC (including integration)
  • You should know MISP and OCTI well and should be able to integrate from/into



Requirements for Freshers/Trainees --

  • You should be a self-initiated candidate with less than 1 year in industry (freshers welcome)
  • You should be willing to learn under pressure and not have time constraints
  • You should be self-initiated and driven to learn cyber security areas
  • Cloud, infra, Linux and shell are some of the words that should excite you
  • You should have worked on and explored Linux during the last two years
  • You should know GitHub well and should have used some tools from git
  • You should have a basic grasp of cyber security fundamentals
  • You should have some basic knowledge of shell & Python
  • You should have a good enough understanding of different types of cyber attacks



If you have what it takes to become a great cyber security SOC/SIEM Solution Engineer, please apply.


Note --

  • Not a 9 to 5 role (needs deep involvement, and there should be no time constraints)
  • Needs an intent to get deeper into cyber security areas across the whole cyber spectrum
  • This is not a penetration testing role, so please do not apply if you wish to pursue a VAPT career
