SIEM Administrator
Posted: Nov. 15, 2022, 10:38 a.m. - Full Time - Mumbai
·Understand SIEM product architecture
·Ensure up-time of SIEM components
·Perform daily SIEM Health Check & Availability monitoring
·Understand logs and log formats, identify the appropriate information for log parsing and SIEM rule creation, and perform log source reviews
·Suggest logging levels and baseline log sources.
·Understanding of log sources such as operating systems, databases, web servers, and security and network technologies
·SIEM Content Development – Keep track of the latest patches and major version upgrades released by vendors
·Log Retention – Define and manage the log retention for all integrated devices as per defined agreement
·Data Enrichment and asset modelling
·Custom integration – Develop parsers for non-supported log sources as per scope