Required skills:
- Familiarity and experience with Security Monitoring processes using SIEM tools
- Install, configure, build and fine-tune the SIEM tools to set up effective information security support.
- Establish KPIs, review and manage security logs, and provide reports based on KPIs and metrics.
- Hands-on knowledge of creating, updating and deleting correlation rules.
- Familiarity with ITIL and ISO processes.
- Excellent communication and customer interaction skills.
- Monitoring of security incidents in 24x7 rotational shifts.
- Monitor the health of SIEM components and raise incidents with the support team for action.
- Triage of events as provided in SOPs.
- Escalation of incidents to the customer as per SOPs.
- Ensure incidents are handled as per SLA.
- Track incidents to closure as per SOP.
- Escalation of non-standard incidents to the Security Analyst.
- Highlight gaps in SOPs to Security Analyst.
- Generate reports as per defined templates and frequency.
- Provide shift handover reports as per the defined template.
- Create SOPs for incident handling.
- Create report templates in the SIEM tool as defined by Security Analysts.