CONSULTANT
HCLTech
- Chennai, Tamil Nadu
- Permanent
- Full-time
Ability to plan and integrate log sources that are not supported out of the box, using REST APIs, RegEx, Python scripts, etc.
Ability to lay out a method for SOAR health checks and log source health checks.
Ability to handle customer escalations and guide the team to improve and maintain the day-to-day deliverables.
Ability to lead a team of admins by laying down standard governance practices.
Upgrade/update of SOAR components and the applications within them.
Log source integration with SOAR tools, which includes planning, providing configuration guidelines to other product admins, and onboarding into SOAR.
Will be responsible for troubleshooting broken log source integrations by engaging the respective teams or the vendor, depending on the complexity of the issue.
Will be responsible for the upkeep of the platform, including all its components/agents, by performing the required health checks.
Will perform basic to moderate troubleshooting on the SIEM platform.
Will assist the SOC team by developing SOAR playbook rules and tuning them as per security best practices.
Will work with one or more threat intelligence tools, integrating them with SOAR for automated threat enrichment.
Will support the SOAR admins with playbook/workflow automation.
Will develop weekly/monthly reports/presentations and run through them with customers/leaders for periodic review.
Should have good email and meeting etiquette.
Should show ownership of the deliverables.
Should be flexible with shift timings.
Technical Experience: Minimum 8 years of total experience, with 4 years of SOAR platform administration experience on any cloud SOAR.
(1.) To clearly understand the client's cybersecurity environment and the respective technological products.
(2.) To identify and mitigate cybersecurity gaps in the client's environment, and skill enhancement.
(3.) To complete assigned projects and tuning/technical enhancement activities within the agreed timelines, and to support the maturation of the client's security posture/compliance/processes through idea generation and value creation.
(4.) To analyse security concerns in the Change Management Process and implement tools for cybersecurity improvement.
(5.) To investigate cybersecurity incidents, perform RCA, and work and coordinate with teams on all ongoing critical security issues.
(6.) To enable knowledge transfer through the creation/maintenance of process documents, and training for specific tools, to ensure all team members are up to date on the tools and processes used.
(7.) To update the client and stakeholders on current project progress and ongoing critical issues.