Deloitte - Mumbai, IN

posted 16 days ago

Full-time - Entry Level
Mumbai, IN
Professional, Scientific, and Technical Services

About the position

Deloitte presents an opportunity to unleash and realise your potential amongst cutting-edge leaders and organisations shaping the future of the region and, indeed, the world beyond. As a Consultant in our Cyber Team, you'll build and nurture positive working relationships with teams and clients, with the intention of exceeding client expectations. We are looking for a skilled and proactive LogRhythm L1 Engineer to join our Security Operations team. As a Level 2 Engineer, you will be responsible for advanced analysis, troubleshooting, and remediation of security incidents and events using the LogRhythm SIEM platform. You will work closely with other security professionals to identify and respond to potential security threats, refine detection mechanisms, and optimize security monitoring tools to ensure the highest level of security for the organization.

Responsibilities

  • 2-4 years of experience in 24x7 (rotating shifts) monitoring at a Security Operations Centre
  • Preferably experienced with the IBM QRadar SIEM solution
  • Desirable that the candidate has leveraged SOAR in SOC monitoring
  • Triage, analyze and respond to SIEM events with articulate analysis and clear response guidance/questions to other teams through established collaboration mechanisms (ticketing systems, mail)
  • Leverage operational and tactical threat intel data from the established feeds and sources to detect threats
  • Ability to efficiently use log analytics and QRadar for analyzing and filtering logs
  • Optimize threat detection products: security information and event management (SIEM), advanced email protection, endpoint detection and response (EDR), antivirus, intrusion detection systems, firewalls, proxies, and other industry-standard security technologies
  • Work closely with the Level 2 and Level 3 teams towards the continuous improvement of the service
  • Expertise in TCP/IP network traffic and event log analysis
  • Strong perseverance to keep incident response actions focused and progressing
  • Ability to effectively communicate (orally and in writing) complex technical issues to a diverse audience that includes technical, non-technical and executive-level staff
  • Experience working in a Threat Intel team or Threat Hunting team would be a bonus

Requirements

  • 2-4 years of experience in a Security Operations Centre
  • Experience with IBM QRadar SIEM solution
  • Experience with SOAR in SOC monitoring
  • Strong analytical skills for triaging and responding to SIEM events
  • Familiarity with Operational & Tactical Threat Intel data
  • Expertise in TCP/IP network traffic and event log analysis
  • Strong communication skills for diverse audiences

Nice-to-haves

  • Experience working in a Threat Intel team
  • Experience in Threat Hunting

Benefits

  • Opportunities for professional growth and development
  • Inclusive work environment
  • Support for career ownership and mobility