Security Consultant: SOAR

Job Responsibilities- Experience in advance investigation, triaging, analysis and escalation of security incidents with recommendations - Hands-on basic experience with configurations and management of SIEM tools(Qradar) including log source integrations, custom parser built, fine tuning and optimizing the correlation rules and use cases recommendations Is MUST. - Proven Experience on any of the Security information and event management (SIEM) tools using Qradar - Data-driven threat hunting using SIEM, EDR and XDR tools - Basic Experience is SOAR tools such as Qradar Resilient, PaloAlto XSOAR - Identify quick defence techniques till permanent resolution. - Recognize successful intrusions and compromises through review and analysis of relevant event detail information. - Playbook developer - Review incidents escalated by Level 1 analysts. - Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiates false positives from true intrusion attempts. - Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate. - Identify the gaps in security environment & suggest the gap closure - Drive & Support Change Management - Report Generation and Trend Analysis. Participate in the Weekly and Monthly governance calls to support the SOC metrics reporting - Good to have hands on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc. - Willing to work in 24x7 rotational shift model including night shift.

Apply Now