
recruiter 642

Jan 17, 2020, 1:33:54 PM1/17/20
Job Type: C2C, C2H
Duration: 12 Months

Duties and Responsibilities:
• Investigate, analyze and respond to SIEM events, providing articulate analysis and clear response guidance to partner teams through established communication mechanisms such as ticketing systems.
• Work closely with the Security Engineering team by providing input on the SIEM, especially new log source integrations, visibility gaps, use case development, monitoring and documentation.
• Improve the efficiency of the programme by continually looking for opportunities to tune security controls (SIEM, IPS, WAF, EPP) and enhance the security posture of the enterprise.
• Contribute to Incident Response by actively participating in different roles while engaging with the IR Lead.
• Develop an in-depth understanding of the organization's workflows and contribute to kill chain diagrams and playbooks for different IR scenarios.

• Experience working with SIEM tools such as QRadar, Splunk and ArcSight.
• Expertise in triaging, analyzing and responding to SIEM events/offenses, which normally include logs from a variety of platforms.
• Experience in developing use cases for a given context and tuning the SIEM to reduce false positives and increase detection of adversarial tactics, techniques and procedures.
• Experience in conducting Incident Response through all phases while assuming the roles of Incident Manager, Scribe and Engineer; ability to assess the criticality of the asset/incident and to escalate as required.
• Strong understanding of network security controls and the ability to use them during IR.

If you are interested, please share your resume at
