


Sr. SIEM Engineer Full-time

at Network Intelligence India in Dubai (Published at 29-04-2019)

We are looking for Sr. SIEM Engineer

Experience : 5+ years

Location : UAE

Job Description
The Sr. SIEM Engineer is responsible for end-to-end implementation of SIEM, Big Data & Security Analytics platforms, single-handedly managing on-premises and off-premises deployments with minimal support from peers.
• Responsible to deploy, administer and fix ArcSight components (ESM, ADP, Investigate and UBA)
• Responsible for on-boarding of log sources for supported and un-supported devices
• Responsible for creating flex-development connectors for un-supported devices
• Design HLD/LLD for customers based on experience, best practices and understanding of customer environment
• Responsible to work with SIEM – ArcSight content engineer to enhance Security Use-cases for SOC Environment
• Responsible for the completion of ArcSight Roadmap along with other team members in the SOC
• Responsible to work and integrate Automated Incident Smart Response in the SOC
• Supports definition and implementation of protocols to govern security assessment during on-boarding of new log sources
• Manage and report on the activities and performance of the regional SOC team
• Provide input to the SOC policies and procedures and correspondingly evaluate and update regional SOC policies and procedures to ensure SOC personnel follow uniform processes
• Verify all SIEM components are functioning optimally
• Provides valuable insight and input to the identification of information security risk within the regional and brand enterprises and recommends priorities for risk mitigation
• Assists with patching recommendations and solution for zero-day threats
• Coordinates with internal and customer stakeholders
• Communicates with management on Project progress and activities assigned
• Responsible to mentor other team members
• Responsible to create Run-books for incident resolution and updating the incident response run-book database.
• Responsible to conduct KT for client teams and internal SOC teams
• Develop content, analytics and detection around threat actors’ tactics, techniques & procedures that are deliverable through our daily knowledge base updates
• Integrate new devices and applications with SIEM. Perform due diligence with Company’s IT/OT/ICS architecture to ensure all business-critical assets are integrated with SIEM
• Share integration pre-requisites for new assets and coordinate with device owners for integrating with SIEM
• Troubleshoot and rectify any issue related to SIEM environment and escalate and coordinate with vendor for the support whenever required
• Co-ordination with internal teams on implementing the necessary configuration on firewalls, web application firewalls, OT sensors, ICS systems etc., as required for enhancing the security
• Participate in evaluating, recommending, implementing, and troubleshooting security solutions and evaluating IT security of the new IT Infrastructure systems.
• Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats
• Communicate effectively with customers, teammates, and management
• Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies.
• Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures
• Staying up-to-date with emerging security threats including applicable regulatory security requirements.
• Need to demonstrate a high level of commitment and initiative, and be a motivated self-starter with proven abilities to get the job done.
• Should possess excellent communication skills
• May be required to participate in the delivery of service outside core business hours via either on-call functions or within a 24x7 rotation
