Job Description
We’re searching for a Security Analyst to assist our 24×7 managed security operations center. This role is in the Onboarding Department, responsible for the strategic, technical, and operational direction of the Onboarding Team. This job description is not intended to be all-inclusive; the employee will also perform other reasonably related business/job duties as assigned.
Responsibilities
- QRadar, DSM (parsing), and Event Collector deployment and upgrades.
- Troubleshooting skills at all layers of OSI Model.
- Onboard all standard devices to QRadar, such as Windows Security Events, firewalls, antivirus, proxy, etc.
- Onboard non-standard devices, such as applications or new security products, by researching the product and coordinating with different teams.
- Deploying connectors and scripts for log collection for cloud-based solutions.
- Perform basic validation of log parsing and normalization before handing logs over to the SOC team; this is a day-to-day task.
- Coordinate between customer and internal teams for issues related to log collection.
- The engineer needs to make sure that the various teams have completed their tasks, such as log validation, Log Source Not Reporting (LSNR Automation), and Content Management, before the log source goes into production.
- Troubleshooting API-based log sources.
- Onboarding new customers as well as conducting POCs for customers.
- Fine-tuning QRadar rules and policies as per customer requirements.
Essential Skills
- Hands-on experience in networking, troubleshooting, and administration of a SIEM tool
- Familiarity with SIEM administration, preferably QRadar
- Knowledge of Device Integration and Log collection
- Basics of Linux and Windows administration
- Knowledge of regular expressions and a basic understanding of scripting languages and APIs
- Networking basics, with a practical understanding of how a typical network functions
- Excellent verbal and written communication
Additional Desired Skills
- Excel, formulation
- Documentation and presentation
- Quick response on issues and mail with prioritization
- Ready to work in a 24×7 environment
Education Requirements & Experience
- BE/B.Tech / BCA – CS/CSE or Equivalent trade, CCNA training
- System Security Certification
- CEH will be a plus