SIEM Administrator

Posted: Nov. 21, 2022, 9:36 a.m. - Full Time - Mumbai

Responsibilities:

- SME for SOAR products such as IBM Resilient/Rapid Insight/Sentinel and for SIEM products
- Good knowledge of TIP (threat intelligence platform) integration
- Design HLD/LLD for customers based on experience, best practices and an understanding of the customer environment
- Experience with SOAR implementation and playbook configuration
- Installation, implementation and troubleshooting of SOAR and SIEM tools
- Deploying and maintaining SOAR and SIEM systems
- Log baselining: document the logging levels and baselines for supported log sources
- Coordinate and conduct security event collection
- Understand logs and log formats, and identify the information needed for log parsing and SIEM rule creation
- Manage and maintain user access control as per the defined process
- SIEM health: keep track of the latest patches and major version upgrades released by vendors and propose them to the SOC Manager
- Perform daily SIEM health checks and availability monitoring of all components
- Log retention: define and manage the log retention for all integrated devices as per the defined agreement
- Data enrichment and asset modelling on the SIEM
- Custom integration: develop parsers for log sources that are not supported out of the box

Desired Candidate:

Hands-on experience with SOAR tools: connectors, parsers, integration, upgrades and installation.