Monitor real-time security events on the SIEM console, analyse events, investigate alerts and drive mitigation for confirmed alerts.
Manage the SIEM infrastructure and perform regular health checks to maintain the overall security posture.
Create use cases, dashboards, alerts and scheduled reports as per customer requirements.
Develop and fine-tune use cases as per customer requirements.
Investigate and analyse events in depth to detect and prevent malicious activity in the corporate environment.
Analyse incidents in detail and map solutions against the knowledge base.
Integrate various log sources such as Windows servers and Linux servers.
Collect the logs needed for incident containment and security investigation.
Create SPL queries as per business requirements.
Perform field extraction and event parsing.
Work closely with other information security teams to ensure effective intrusion detection and incident response.
Troubleshoot data collection issues.
Interact daily with the L1 team and validate triggered alerts.
Ensure quality call handling and call escalation in adherence to SLAs.
Attend audits at the client end and furnish relevant data to the auditor.
Validate stakeholder responses on tickets and close tickets.
Worked in 24x7 operational support.
Job Classification
Industry: IT Services & Consulting
Functional Area: IT Services & Consulting
Role Category: IT Security
Role: System Security Engineer
Employment Type: Full time