SOC Lead (Splunk) | 6 to 9 years | Bengaluru & Mumbai

Job Description

  • Monitoring Security Information and Event Management (SIEM) platform for security alerts, preferably Splunk Enterprise Security.
  • Providing metrics and reports around security monitoring by designing dashboards for asset owners and management consumption. Leveraging existing technologies within the organization to expand the scope of coverage of the security monitoring service.
  • Performs analysis duties, including:
  • Development of Data Dictionaries for log sources to confirm which fields and values are needed or useful for Security Monitoring.
  • Review of available logs to confirm there are adequate quantities and content to usefully provide Security Monitoring.
  • Triage SIEM alerts to determine False Positive, Incident, or Technology Misconfiguration.
  • Perform research at the request of Incident Response teams.

Primary Skills

  • Splunk
  • Incident investigation & Response

Secondary Skills

  • Cyber SOC services for BFSI customer.
  • Excellent written and verbal communication skills.
  • Ability to multitask, prioritize, coordinate, work well under pressure and meet deadlines.
  • Good to have: training or certifications, if any (CCNA Security, Network, CEH certified, MCSA, RHCE).
Ref:  1730565
Posted on:  Apr 12, 2024
Experience level:  Experienced
Contract Type:  Permanent
Location:  Bangalore, KA, IN

Department:  Cyber Security
