SOC Infra Engineer - L2 Support
Fort (Mumbai) IT development
Job description
Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities
This is level 2 role and would be responsible to support SIEM Management & content management for SIEM detection use-cases for the program. They would be overlooking technical services delivery for SOC program for your enterprise.
If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here.
Responsibilities
· Good knowledge of SIEM, SIEM Architecture, SIEM health check.
· SIEM Rule creation and fine tuning, Deployment of SIEM in customer environment.
· Define and design criticality of SIEM rules in line with customer ask and threat Intel advisory.
· Troubleshoot issues regarding SIEM and other SOC tools.
· Good verbal/written communication skills.
· Build of use case for the customer, Parser management and customer log sources.
· Data archiving and backup and data purging configuration as per need and compliance.
· Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc.
· Helping L2 and L1 with required knowledge base details and basic documentations.
· Co-ordination with L2 and SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation.
· Work in a 24x7 Security Operation Centre (SOC) environment
Required Technical and Professional Expertise
· Overall 4+ years of experience with minimum 3+ years’ relevant experience in SIEM.
· B.E./ B.Tech/ MCA/ M.Sc. in Computer Science or IT
· SIEM integration with enterprise tools / sytems – requisite for SLA monitoring, access & relevant client requirements
· Identify Problems from recurring Incidents, Communicating Emergency Alerts & Warnings to relevant/designated stakeholders
· Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists
· Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach
Preferred Technical and Professional Expertise
· Preferably OEM Certified SIEM Specialist + CEH.
· Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
· Intuitive individual with an ability to manage change and proven time management
· Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
· Up-to-date technical knowledge by attending educational workshops, reviewing publications
· Any entrant or Professional skill on shell scripting, AIX, Linux.