CONSULTANT

HCLTech

  • Chennai, Tamil Nadu
  • Permanent
  • Full-time
  • 29 days ago
Designation: CONSULTANT
No. of Positions: 1
Experience: 4.5-8 Years
Skill (Primary): Information Security-NextGen SOC-SOAR EXPERT
Qualification: B.E, BBA, BCA, BCom, B-Tech, M.E., MBA, MCA

Job Description (Posting).

Summary: Seeking a resource for a SOAR platform lead & administrator role to support SOAR services within HCL Cyber Security Fusion Centre.

Must Have Skills: SOAR platform architecture planning and deployment experience with SOAR platforms like Palo Alto Cortex XDR, IBM Resilience, Chronicle SOAR. Ability to develop custom log source integrations using REST API, RegEx, Python or other. Also experienced with SIEM rule and use case development. Good knowledge of how other security tools & technologies work. Basic Unix knowledge. Ability to manage a team of L1 & L2 SOAR Admins. Knowledge of the MITRE ATT&CK Framework or Cyber Kill Chain. Must have experience with SIEM and a security background.

Good to Have Skills: Prior SOC Analyst role/Network security or other security platform management experience. Knowledge of Python or other scripting languages. Experience with SOAR.

Job Requirements:
Responsible for design & implementation of Google Chronicle SOAR platform(s).
Ability to plan and integrate log sources that are not supported out of the box using REST API, RegEx, Python scripts, etc.
Ability to lay out a method for SOAR health checks and log source health checks.
Ability to handle customer escalations and guide the team to improve and maintain the day-to-day deliverables.
Ability to lead a team of admins by laying standard governance practices.
Upgrade/update of SOAR components & applications within.
Log source integration with SOAR tools which includes planning, providing configuration guidelines to other product admins and onboarding into SOAR.
Will be responsible for troubleshooting the broken log source integration by engaging respective teams or Vendor as per the complexity of the issue.
Will be responsible for the upkeep of the platform including all its components/agents by performing the required health checks.
Will be performing basic to moderate troubleshooting with the SIEM platform.
Will assist the SOC team by developing SOAR playbook rules and tune them as per security best practices.
Will work with one or more threat intelligence tools for integration with SOAR for automated threat enrichment purpose.
Will support the SOAR admins with playbook/workflow automation.
Will develop weekly/monthly reports/presentations and run through with Customers/Leaders for periodic review.
Should have good email and meeting etiquette.
Should showcase ownership qualities on the deliverables.
Should be flexible with shift timings.

Technical Experience:
Minimum 8 Yrs of total experience with 4 years of SOAR platform administration experience with any cloud SOAR.
(1.) To clearly understand the client's cybersecurity environment and respective technological products.
(2.) To identify and mitigate cybersecurity gaps in the client's environment and Skill Enhancement.
(3.) To complete assigned projects and tuning or technical enhancement activities within the agreed timelines and support the maturation of the client's security posture or compliance or processes through idea generation and value creation.
(4.) To analyse security concerns in the Change Management Process and implement tools for Cyber Security improvement.
(5.) To investigate cybersecurity incidents, perform RCA, and work and coordinate with teams on all ongoing critical security issues.
(6.) To enable knowledge transfer through creation or maintenance of process documents, and training for specific tools to ensure all team members are updated on the tools and processes used.
(7.) To update the client and stakeholders on current project progress and ongoing critical issues.
