Description:

Job Role: SIEM Engineer

SIEM Engineers responsibilities include:

• Configure and administer the SIEM to supportthe needs of SOC.
• Provide first leveltechnical support for SIEM tool.
• Responsiblefor maintaining the health of the SIEM tool and ensuring 99.96%uptime of the platform.
• Perform regularpatching and version upgrades on the SIEM platform.
• Create necessary dashboards in SIEM to enable the SOCsecurity monitoring.
• Perform SIEM softwarepatching activities.
• Configure forwarders anddevelop TAs (if needed) to integrate various log sources with SIEMplatform for log monitoring.
• Coordinate orperform the scheduled backups and restore activities as per thebackup policy.
• Maintain the log baselines asper the requirements given in the log management policies andcompliance requirements.
• Manage faults;coordinate with principal vendor for resolution.
• Ensure Health and Maintenance of DR platform.
• Ensure real time data and Configuration replicationbetween Primary and DR sites.
• In case ofPrimary site failure, ensure platform availability in DR sitewithin defined SLAs.
• Ensure health andavailability of all Heavy Forwarders deployed at clientsite.
• Maintain separate asset inventories forall log sources being on-boarded for all individualclients.
• Maintain proper documentation for theentire SIEM platform.

To bring your dream to life,you’ll need:

• 8+ years of hands on experience in Information Securitydomain.
• 2+ years of experience in IT/OT SOCenvironments.
• Splunk Experience andcertification a must
• Must be currently workingin a Security Operations Environment, preferably in a power plantenvironment. 
•  Experienceworking with ICS best practices and frameworks such as:ISA-99/IEC-62443, NERC CIP, NIST SP 800-82, etc.