Job Description:
- Should have performed activities such as log source integration, troubleshooting, upgrades, DC-DR drills, etc.
- OT/security experience
- Use case creation, content development, playbook creation, and automation with APIs will be an added advantage.
- Integrate the respective solution/technology with every other solution/technology deployed in the SOC setup
- Automation of all L1 and L2 activities
- Migration of data and logs from the client to the currently running SOC
- Collaborate closely with the Technical Account Manager (TAM) and the engineering division of the respective OEM for early resolution of product-level cases, vulnerabilities, bugs, feature enhancements, patches, versions, etc.
- Act as the single point of contact between the client stakeholders and the respective OEM
- Maintain a suitable architecture for the technology solution
- Perform threat modelling of the client assets and define the necessary use cases accordingly
- Execute major changes without any disruption or adverse impact.
- Continuously deliver the value of the solution to the client in terms of detecting all kinds of threats, accuracy of detection, value-added use cases, content development, etc.
- Improve the threat hunting capabilities of the technology
- Continuously develop analytical, statistical, and mathematical models leveraging the AI/ML capabilities of the technology to strengthen threat detection and prediction, and put advanced use cases in place
- Continuously fine-tune configuration, rules, policies, etc. Continuously innovate and automate intuitive dashboards, reports, and queries.
- Optimize response time for fetching data and logs in advanced queries, reports, dashboards, etc.
- Ensure log ingestion from data sources, and automate incident and vulnerability remediation through SOAR