Description

We are hiring for Cyber Security Operations Specialist - SIEM Specialist

Experience level: 6 to 10 years

Location: Bangalore

Mode: Hybrid

Preferred immediate to 30 days joiners

Shift: Rotational shift

JD:


SIEM Integration : The Cyber Security Operations Specialist focused on Telemetry, SIEM Integration, and Logging will be responsible for the design, implementation, and management of security monitoring and logging systems

This role involves integrating and optimizing Security Information and Event Management (SIEM) solutions, managing telemetry data, and ensuring comprehensive logging across the organization's IT environment to enhance threat detection and response capabilities

Roles & Responsibilities

Strong knowledge of SIEM platforms (e.g., Splunk, IBM QRadar, ArcSight, Microsoft Sentinel) and their integration.

Proficiency in logging and telemetry tools (e.g., ELK Stack, Fluentd, Prometheus).

Experience with security monitoring and incident response methodologies.

Understanding of network protocols, operating systems, and security frameworks.

Design, implement, and maintain SIEM solutions (e.g., Splunk, IBM QRadar, ArcSight).

Integrate various data sources into the SIEM, including network devices, servers, applications, and cloud services.

Develop and tune SIEM use cases, correlation rules, and alerts to detect potential security incidents.

Collect, process, and analyze telemetry data from diverse sources to provide actionable security insights.

Ensure the integrity, availability, and confidentiality of telemetry data.

Develop dashboards and reports to visualize telemetry data and support security operations.

Implement and manage logging infrastructure to capture security-relevant data across the IT environment.

Develop and enforce logging policies and procedures to meet compliance and security requirements.

Collaborate with the Incident Response team to enhance detection and response capabilities.

Implement automation scripts and tools to streamline security monitoring and incident response processes.

Optimize the performance and efficiency of SIEM and logging systems.

Continuously improve monitoring and logging processes through feedback and lessons learned.

Work closely with IT and security teams to ensure effective integration of security monitoring and logging solutions.

Communicate effectively with stakeholders, providing regular updates on security posture and incidents.

Provide training and support to team members on SIEM, telemetry, and logging best practices.

Maintain comprehensive documentation of SIEM configurations, logging setups, and monitoring processes.

Ensure compliance with relevant regulations and standards (e.g., GDPR, PCI-DSS, HIPAA) regarding logging and monitoring.

Conduct regular audits to verify the effectiveness of security monitoring and logging controls.

Proven experience in security operations, including SIEM integration and management, logging, and telemetry.

Hands-on experience with scripting and automation (e.g., Python, PowerShell) to enhance security operations.

Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Security Operations Certified (GSOC), or SIEM-specific certifications.

Education

Any Graduate