ArcSight SIEM, EDR, AV, Email Security, CSPM, WAF administration and operation management
Ensuring availability of all SOC tools and ensuring ROI of investment in technology
Custom/unsupported device integration with ArcSight SIEM and use case creation.
Content creation on the SIEM to cover all stages of the MITRE framework.
EDR, CSPM, MDO policy fine-tuning.
Design, develop, monitor, adhere to various SLAs/KPIs/KRIs applicable to Security Operations Centre.
Creation of customized reports and dashboards for presentation to various stakeholders.
Identify and address technical or operational risks.
SIEM and other security platform performance and capacity management
Develop and maintain technology architecture cost and return on investment (ROI) models to assess architecture change.
Should be able to analyse logs from various devices and develop use cases for anomaly detection that account for the evolving threat landscape.
Lead any module within Security Operations Center like Threat Hunting, Threat Intelligence, Content Management etc. to improve overall detection & response capabilities.
Well versed in logging standard development and device onboarding/log source integration for diverse devices, including those not supported by the SIEM OEM.
Should have a clear understanding of the MITRE framework and how to operationalize it across multiple functions of the SOC.
Handle 24x7 operations and support various SOC activities.
Good communication skills and stakeholder management are imperative.
Educational qualifications:
Bachelor’s degree relevant to Information Technology, Computer Science/Engineering (or equivalent).
Advanced certifications desirable: RHEL certified, ArcSight Admin, AZ-900, CISP, CCSP, AWS Certified Solutions Architect – Associate, Google Cloud Professional Security Engineer, Microsoft Certified: Azure Security Engineer Associate.
Experience:
Minimum 5+ years of experience in engineering/administration and 10+ years of overall experience in Cyber Security.
Strong experience in ArcSight SIEM, EDR, CSPM architecture, administration.
Proven experience in assessing, designing, deploying, and operating SIEM platforms.
Expertise in SIEM use case creation.
Expertise in CSPM policy creation and fine-tuning.
Experience in defining best practices for optimized application and platform performance.
Demonstrated expertise in modifying configurations that improve SIEM performance.
Proficient in Kusto query language (KQL) and experienced in developing use cases.
Strong technical knowledge of Linux, Firewalls and Load Balancing principles.
Deep IT industry knowledge in specific security-related areas such as VM, AVM and Managed Security Services.
Can validate/evaluate whether an information system or operational architecture meets technical requirements and specifications.
Familiar with multiple architectural, development and operational methodologies.

Adani Group is a diversified organisation in India comprising 10 publicly traded companies. It has created a world-class transport and utility infrastructure portfolio with a pan-India presence. Adani Group is headquartered in Ahmedabad, in the state of Gujarat, India. Over the years, Adani Group has positioned itself as the market leader in its transport logistics and energy utility portfolio businesses, focusing on large-scale infrastructure development in India with O&M practices benchmarked to global standards. With four IG-rated businesses, it is the only Infrastructure Investment Grade issuer in India.
Adani owes its success and leadership position to its core philosophy of ‘Nation Building’ driven by ‘Growth with Goodness’ - a guiding principle for sustainable growth. Adani is committed to increasing its ESG footprint by realigning its businesses with an emphasis on climate protection and increasing community outreach through its CSR programme, based on the principles of sustainability, diversity and shared values.