T&T | Cyber : D&R | AM | SIEM | Mumbai

Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.Fundamental understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc. Active analysis on Security Vulnerabilities, Advisories, Incidents, and Attack techniques. Tuning the SIEM rules to remediate false positive security alerts. Creating SIEM rules to fulfill requirements provided by customers in their security use cases. SIEM Administrator is responsible for maintaining clients SIEM appliance by making sure all SIEM deployment devices are working properly, efficiently and with desired performance. Inform L3 team of proactive and reactive actions to minimize false positives Identifying the risk for Infrastructure and executing the plan to reduce the risk. Driving End to End Internal and External Audits for Security infrastructure. Responsible to Perform detailed investigation on security log data events through SIEM Console. Security Analysis using Industry standard tools and technologies. Preparing detailed run book for each Use casefor creating the SOAR playbook Active analysis on Security Vulnerabilities, Advisories, Incidents, and Attack techniques. Have knowledge in device integration for log collection and developing custom parser for unsupported log source integration. Creating security Usecases and mapping it line to MITRE ATTACK and Cyber Kill Chain phases.Certifications requirements: IBM QRadar Administration / CEH/ Any Cloud Admin Certifications