Full Job Description
Additional details
Level
P2
Requirement location
India – Bengaluru
Number of Position
1
Employment type
ML
Cluster/Group
Microland Delivery
Business Unit
RUN – HYBRID DELIVERY UNIT
Department
SOC – Tech Ops
Job Description
Technical Primary Skills

Security Event Monitoring (SIEM)
1. Ability to perform detailed security event analysis and triage.
2. Understanding of SIEM architecture.
3. Monitor security events as per the defined event monitoring procedure.
4. Monitor vital parameters of the SIEM, such as number of devices logging into the SIEM, EPS, storage, content updates, etc.
5. Security incident ticket creation and updating of event information in the ITSM tools.
6. Escalation of security incident tickets to the respective team for resolution.

Data Security (DLP)
1. Knowledge of DLP (Data Loss Prevention – Discover, Monitor and Prevent).
2. Knowledge of the types of DLP (Network DLP and Host DLP).
3. Monitor DLP security events as per the defined DLP event monitoring procedure and follow the SOP.
4. DLP incident monitoring and tracking of alerts.
5. DLP incident management as per the DLP event management procedure.
6. Understand the data classification in the client environment.

Web Security (Content Filtering)
1. Knowledge of web content filtering.
2. Monitor web security events as per the defined web security event monitoring procedure.
3. Whitelisting and blacklisting of URLs/websites.
4. Analyzing URL reputation to identify malicious content.
5. Blocking and unblocking of URL requests for end users as per the defined standard operating procedure.

End Point Security (Antivirus)
1. Knowledge of endpoint security tools (antivirus such as McAfee ePO, Symantec SEP, TrendMicro, etc.).
2. Ability to monitor end-user systems and servers for out-of-date virus definitions as per the defined antivirus event monitoring procedure.
3. Ability to create tickets for out-of-date systems and coordinate with the respective team for virus definition updates.
4. Ability to monitor the health state of the antivirus (agents running on user systems and servers, communication between agent and management server).

Functional Primary Skills

SIEM Management
1. Create custom rules/rule modifications and custom reports/report modifications as needed.
2. Add/remove log sources.
3. Create client-specific watch lists if necessary.
4. Create correlation rules, reports and dashboards.
5. Develop reports from the SIEM for compliance requirements and governance.

Monitoring
1. Monitor security events as per the defined events monitoring procedure.
2. Monitor vital parameters of the SIEM, such as number of devices logging into the SIEM, EPS, content updates, etc.
3. Health monitoring of all the components in the SIEM (CPU usage, storage space, collection rate, parsing rate, uptime, etc.).
4. Monitor correlated security events and perform investigation along with the respective team.

Process
1. Validation of false positive and true positive events, and fine-tuning.
2. Create tickets for correlated security alerts and escalate to the respective support team as per the SOP.
3. Escalation of security incident tickets to the respective team for resolution.
4. Process to log support tickets with the vendor/hosted platform.
5. Change Request - Emergency & Retrospective. Fine-tuning the correlation rules and alarms.
6. Developing security reports on the basis of client requirements.
7. Review security incident trends and recommend new correlation rules.
8. Fine-tuning the data sources which are sending noisy logs to the SIEM (filtering noisy logs).
9. Performing content/rules updates in the SIEM.

Knowledge Base
1. Create custom documentation for internal and external needs.
2. Preparing SOP documents.

Backup & Disaster Recovery
1. Taking full backups of the SIEM components.
2. Exporting rules, alarms, watchlists, reports and data sources.

Security Intelligence
1. Tracking new global threats and vulnerabilities.
2. Advisory on threats, vulnerabilities and patches, including the management platform.
3. Updating the watchlists and tuning the rules on the basis of new vulnerabilities. Blocking the IOCs.

Behavioural Skills

Communication
1. Delivers information effectively in a variety of formats, including email, analytical reports and decision documents. Understands the views of others. Can communicate assertively and effectively.

Planning & Organizing
1. Establishes priorities that address the details and timelines needed to achieve the intended results. Is flexible and utilizes resources. Communicates bad news and surprises early.
2. Able to identify the critical path and plan for meeting it.

Customer & Business Orientation
1. Understands customer needs and displays commitment towards meeting them.
2. Demonstrates customer focus by seeking out, understanding and responding to the needs of both internal and external customers.
3. Has a sound understanding of the customer's business and can communicate suggestions to the customer.
4. Understands the business impact of processes on the customer. Responds to customers' needs, questions and concerns in an accurate, effective and timely manner.
5. Works effectively and professionally with upset customers, solving their problems.