Security Lead

- SIEM (Security Information and Event Management): - Configure, manage, and fine-tune SIEM tools for log ingestion, correlation rules, alerting, and reporting. - Perform threat hunting, incident analysis, and security event investigations. - Develop and maintain custom use cases to detect advanced threats. - SOAR (Security Orchestration, Automation, and Response): - Implement and maintain SOAR playbooks to automate security responses. - Integrate SOAR with SIEM, threat intelligence, EDR, firewall, and email security solutions. - Monitor SOAR workflows and fine-tune automation to optimize SOC operations. - UEBA (User and Entity Behavior Analytics): - Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities. - Configure and tune UEBA models to reduce false positives and enhance detection capabilities. - NBAD (Network Behavior Anomaly Detection): - Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches. - Work with network and SOC teams to investigate and respond to suspicious network behavior. - General: - Collaborate with incident response, threat intelligence, and risk management teams. - Continuously review and enhance detection rules based on emerging threats. - Document all procedures, incidents, and findings properly for audit and knowledge management. - Required Qualifications:Education:B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.Experience:Minimum 4+ years of relevant experience.Certifications:Certified Ethical Hacker (CEH) Preferred

Apply Now