Team Member - Cyber Security of SIEM Data and Content Scientist (Full-time)

at HDFC Bank in Mumbai (Published 25-08-2017)

  • Understanding of the IBM QRadar product architecture and how it works.
  • Understanding of various logs, log formats, log parsing techniques and SIEM rule creation.
  • Understanding of log sources such as operating systems, databases, web servers, and security and network technologies.
  • Create a baseline and logging level for the above log sources.
  • Create UDSM or custom parsers for log sources that are not supported in QRadar.
  • Design and implement new use cases or rules in the SIEM.
  • Collate inputs from the Monitoring and Incident Response teams for new rule development.
  • Understand the data logs available in the bank.
  • Help develop security data models and metrics.
  • Enable effective use of the data to generate meaningful rules and reports.
  • Act as the subject matter expert for the customer's SIEM solution.
  • Work with external teams to ensure all necessary logging sources are reporting to the SIEM.
  • Create technically detailed reports on the status of the SIEM, including metrics such as the number of logging sources, the log collection rate, and server performance.
  • Assist in troubleshooting and resolving issues related to the SIEM.
  • Responsible for change management of the SIEM solution.
  • Responsible for performing the audit walkthrough on the SIEM solution.
  • Responsible for raising an exception with ISG and other stakeholders wherever the security technologies are not feasible to implement.
  • Responsible for normalization of logs, either by revising the log baseline of log sources or by recommending changes to log sources to reduce noise.
  • Responsible for integrating app exchanges that enrich the data and content stored in the SIEM.
  • Responsible for fine-tuning rules in the SIEM and in the implemented security technologies for security effectiveness and for reducing false positives.
  • Responsible for creating the SOP (Standard Operating Procedure) for the SIEM solution.
  • Responsible for 99.999% uptime of the SIEM infrastructure through capacity management, patch management, version upgrades, etc.

Skills/Knowledge prerequisites:

1. Should have 5+ years of experience in the SIEM data and content management domain
2. Expert technical skills in IBM QRadar SIEM
3. Scripting skills (Python, Perl, Bash, etc.)
4. Detailed knowledge of the current IT environment
5. Experience with RHEL
6. Basic knowledge of various security and network products and technologies (e.g. firewalls: Check Point, Nokia, Juniper, FortiGate; ISS IDS, IPS, HIDS, Symantec Antivirus, URL/content filtering, proxies, Active Directory, Qualys Scanner)
7. Analytical and problem-solving skills
8. Good communication skills: written, verbal, vendor coordination
9. Good documentation skills: writing Standard Operating Procedures for the operations team, baseline and guideline documents, etc.

Educational Qualifications:
1. B.E. in IT / Computer Science / Electronics
2. IBM QRadar Certified Associate Administrator or Deployment Professional
3. CISSP / CISA / SANS certifications will add value

Note: Applications have been closed.
