SIEM Expert

Location: India

Description

UST Global® is a leading provider of platforms, digital innovation, artificial intelligence and end-to-end IT services and solutions for Global 1000 companies. We are transforming corporations through deep domain expertise, knowledge-based ML platforms, as well as profound anthropological efforts to understand the end customer and design products and interactions that create delight. We are deeply committed to developing a comprehensive understanding of our clients’ problems and to developing platforms to address them.

CyberProof, a fully owned subsidiary of UST Global, helps companies increase their cyber resiliency and reduce their cyber risks by providing a managed cyber security center out of a newly architected Security Operation Centre that dramatically increases the ability to react, detect and respond to cyber-attacks. CyberProof provides 24x7 security operations capability, supported by expert cyber security resources and cutting-edge tools, along with mature operational methodologies to address our customers’ cyber security operations requirements. All of our services are delivered through our advanced CyberProof Defense Centres located around the globe. Our goal is to provide enhanced detection abilities, faster response, collaborative issue resolution, effective recovery and actionable intelligence delivered through our state-of-the-art Security Orchestration, Automation and Response platform to increase scale and differentiation for our customers.

At the core of what we do is our people. The Security Operations Group of CyberProof consists of a global team of highly talented people. With 100+ highly experienced, certified cyber security experts, researchers and analysts, the majority of our tier 3-4 expertise comes from Israeli Intelligence. This group strategizes, develops and executes all cyber security activities locally and globally. Individuals and teams in this group work closely with client cyber security teams and customer CISOs, CIOs and/or senior business management on business and cyber security strategies and solutions.

We are looking for a SIEM Expert to join CyberProof’s SOC group, focusing on SIEM technologies. The role requires a detail-oriented professional who will provide senior-level SIEM support to our pre-sales team and delivery of SIEM solutions.

The SIEM Expert will be called upon to understand the customer requirements and recommend the appropriate SIEM solution to meet those requirements. The SIEM Expert will support the SIEM solution with architecture and design documentation. This role will be an excellent position for an individual with strong technical, communication, and customer-facing skills.

Responsibilities

  • Understand customer requirements and recommend best-practice SIEM solutions
  • Offer consultative advice on security principles and best practices related to SIEM operations
  • Develop new SIEM rules, correlations and dashboards to meet customer needs
  • Design and document a SIEM solution to meet customer needs
  • Assist in the creation and verification of Statement of Work (SOW) documentation
  • Assist pre-sales with SIEM sizing, architecture, RFPs and client technical meetings
  • Deploy and configure the SIEM platform as per vendor guidelines and industry best practices
  • Assist the client with technical guidance to configure in-scope end log sources to be logged to the SIEM
  • Verify that data from log sources in the SIEM follows the Common Information Model (CIM)
  • Document the build of the SIEM solution

Requirements

  • University degree in Information Security or equivalent work experience
  • Minimum 4 years’ experience in a similar role
  • Experience with any two or more of the following SIEM products (in order of preference):
      • Sentinel
      • Splunk
      • IBM QRadar
      • McAfee ESM
      • Sumo Logic
      • RSA Security Analytics
      • HP ArcSight
  • SIEM vendor Administrator certification preferred
  • Experience with and proficiency in UNIX/Linux and/or regular expressions
  • The following certifications would be considered an advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC
