Lifecycle Management Consultant

CZ - Onsite

Description

Hi,

Below is the complete JD for this role:

SOC Lifecycle Management

  • 3-5 years' experience in security operations (L2/L3 Analyst plus SIEM onboarding)
  • Focus on use case definition, design, deployment, and diagnosis
  • Be the connecting link between SOC Analysts, Tools, Platform Support, CyberSecurity, and Technology owners
  • Stay focused on lifecycle work so as not to be distracted by incidents
  • Track status and progress with formal processes; report on progress
  • Skills Required
    • Knowledge of the security incident process
    • Knowledge of security tools, logs, and SIEM
    • Organized and able to track complex projects
    • Able to create clear, concise documents and processes
  • Manage the SIEM use case/rule lifecycle management process
  • Day-to-day operations/health checks, including (non-exhaustive):
    • Monitor the Data Model skipped-searches rate and audit it regularly
    • Collect assets and identities from all the proper sources, reformulate them into a proper format, and get them used adequately by ES
  • Creation and maintenance of Correlation Searches:
    • Manage the performance impact of the number of concurrently executing correlation searches
    • Create adaptive responses according to the client's needs
  • Collect and transform Threat Intelligence Feeds for ES utilization
  • Create Technical Add-ons for the client's sources that are not yet CIM mapped
  • Configure known accounts, administrative identities, domains, interesting ports, scanners, etc.
  • Ensure best practices are applied within the SIEM and Splunk Enterprise
  • Make use of accelerated data models for ES rules
  • Configure correlation searches with summaries only
  • Manage Splunk roles on ES to make sure the proper capabilities are set for the proper users, and no more than those
  • Create macros that provide the abstract categorizations the client requires to get in-context results
  • Equip the SOC team with the Investigations, Swimlanes, and Glass Tables tools
  • Use existing rules, update the rule set with newly released ones, and align with the client on custom scenarios in Correlation Searches
  • Align the priority and severity of assets and identities with the client; monitor, analyse, and configure Risk
Start date: ASAP
From: HCL GB Ltd
Published at: 15.01.2019
Project ID: 1701383
Contract type: Freelance