
SIEM - Security Information Event Management (NCS/Job/ 2952)
Job Skills
Job Description
High Level Responsibilities
SIEM Design, Configuration & Migration

Expected Activities

Experience implementing the SIEM ecosystem (MS Sentinel and its components), including the people, processes, and tools that enable successful adoption, ensuring the solution meets the objectives of the business.

Assist in the proper operation and performance of MS Sentinel, loggers and connectors, and the integration of data feeds (logs) into MS Sentinel.

Provide strategic support for MS Sentinel integration, deployment, configuration and maintenance.

Understand, interpret and develop content for SIEM products to meet internal and external customer requirements.

Highly motivated and talented SIEM Architect who must have in-depth experience assessing, designing and implementing enterprise-scale Splunk solutions.

Coordinate with other organizations (SOC/CSIRT) and assist with advanced issue resolution across the enterprise.

Act as the MS Sentinel SME, providing input into strategies, capabilities, and integrations to improve the availability and performance of applications.

Provide architecture-level design to support and operate MS Sentinel using security information and event management (SIEM) best practices.

Work closely with the Security Operations Center (SOC) and Engineering teams to improve the existing environment.

Analyze SOC alert statistics and workflows to reduce false positives and properly focus engineering efforts.

Provide recommendations and implement changes to optimize Sentinel products in the customer environment.

Write and develop custom scripts and programs as needed.

Research new security technologies and their applications to SIEM, SOAR, and cloud environments.

Wipro Grade Expectation
B3 / C1