
SIEM security specialist

Ventures Unlimited
Full-time
On-site
Berlin, Connecticut, United States

Company Description

Since 2004, VUI has been helping clients improve their business, environmental and social performance. We do this by applying innovative processes, market intelligence and fresh thinking.

We provide advice and consulting services at strategic, policy and operational levels, concentrating on three key areas:

Job Description

Title: SIEM security specialist

Location: Berlin, CT

Duration: Full Time Position

Relevant Experience Required: 7+ Years


Roles & Responsibilities:             

• Good understanding of the business need for security and its impact 

• Strong technical skills in network security, targeted attacks, etc. 

• Work independently with clients and other TCS delivery teams to understand requirements and provide solutions 

• SIEM Management 


Mandatory Technical / Functional Skills                

• Good knowledge of and working experience with central logging, event correlation, security incident management and SIEM architecture 

• Experience in implementing and managing SIEM solutions such as ArcSight and LogLogic 

• Experience in writing complex correlation rules and integrating log sources with the SIEM 

• Implementation, configuration and management of SIEM solutions. Experience shall comprise the following: 


 Experience and Capabilities:     

• Architecture Design        

• Tool Implementation & Configuration    

• Administration and Troubleshooting       

• Monitoring and reporting             

• Technology Refresh and Upgrades 

• Capability to perform enterprise-wide security assessments 

• Tools and Technologies: ArcSight, McAfee NitroSecurity, LogLogic, Splunk 

• Log source integration with the SIEM 

• Experience in writing XML parsers 

• Security Incident Management and Response experience 

• Firewall, IPS and Proxy management 


Activity Description: 

• Configure alerts for system health 

• Configure settings for log aggregation and normalization 

• Configure archiving and backups 

• Configure alerts for incidents 

• Configure Daily/Weekly/Monthly compliance reports 

• Create dashboards for log monitoring 

• Manage and maintain logs collected (online and offline) 

• Back up and archive logs with restricted, secure access 

• Create limited-privilege user and administrator accounts 

• Periodically review the log baseline 

• Respond to generated alerts 

• Execute queries for CIS and audit requests 

• Review and analyze alerts 

• 24x7 log monitoring 

• Monitor log availability from onboarded log sources 

• Monitor total EPS (events per second) received at the collection devices 

• Monitor device performance, resource utilization (disk space, indexed data) and overall health 

• Monitor system health alerts 

• Monitor that ST backups complete successfully 

• Daily reports: 

  - Account lockouts 

  - Viruses identified 

  - Connections to blacklisted IPs 

• Weekly reports: 

  - Top 10 Internet users 

  - Top 10 bandwidth-consuming users/applications 

  - Top 10 blocked URLs 

  - Top 10 blocked attack URLs 

• Trend analysis report 

• CIP/SOX compliance and investigation reports
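The activities listed above (log normalization, log-source availability and EPS monitoring, the daily account-lockout and blacklisted-IP reports, and threshold-style correlation rules) in a small working form. This is an added example, not code from the posting or from any of the SIEM products it names; the log line formats, host names, blocklist, expected-source list and lockout threshold are all constructed for illustration, and a real SIEM would express the same logic in its own parsers and rule language.

```python
import re
from collections import Counter

# Constructed sample log lines for this example (not captured from any real system).
# The Windows lines mimic a security log forwarded by a syslog agent; the firewall
# lines use a key=value layout. Both formats are assumptions of this example.
SAMPLE_LOGS = [
    "2024-03-04T08:00:01Z dc01 MSWinEventLog Security 4740 TargetUserName=jsmith CallerComputerName=WS-117",
    "2024-03-04T08:00:02Z dc01 MSWinEventLog Security 4740 TargetUserName=jsmith CallerComputerName=WS-117",
    "2024-03-04T08:00:02Z dc01 MSWinEventLog Security 4624 TargetUserName=bkim LogonType=3",
    "2024-03-04T08:00:02Z dc01 MSWinEventLog Security 4740 TargetUserName=rlee CallerComputerName=WS-042",
    "2024-03-04T08:00:03Z fw01 action=allow src=10.1.2.3 dst=203.0.113.9 dport=443 proto=tcp",
    "2024-03-04T08:00:03Z fw01 action=allow src=10.1.2.3 dst=198.51.100.77 dport=8080 proto=tcp",
    "2024-03-04T08:00:04Z fw01 action=deny src=10.1.2.44 dst=203.0.113.9 dport=22 proto=tcp",
    "2024-03-04T08:00:04Z fw01 this line is malformed and should be counted as unparsed",
]

# Constructed blocklist using a TEST-NET address; not real threat intelligence.
BLOCKLIST = {"203.0.113.9"}
# Assumed list of onboarded log sources that are expected to send events.
EXPECTED_SOURCES = {"dc01", "fw01", "proxy01"}
# Assumed correlation threshold: alert when one user is locked out this many times.
LOCKOUT_THRESHOLD = 2

WIN_RE = re.compile(r"^MSWinEventLog Security (?P<event_id>\d+) (?P<fields>.*)$")
KV_RE = re.compile(r"(\w+)=(\S+)")


def normalize(line):
    """Map one raw line onto a common schema; return None if the line is unparseable."""
    parts = line.split(" ", 2)
    if len(parts) != 3:
        return None
    ts, host, rest = parts
    m = WIN_RE.match(rest)
    if m:
        f = dict(KV_RE.findall(m.group("fields")))
        return {"ts": ts, "host": host, "source": "windows",
                "event_id": int(m.group("event_id")),
                "user": f.get("TargetUserName"), "caller": f.get("CallerComputerName")}
    f = dict(KV_RE.findall(rest))
    if {"action", "src", "dst"}.issubset(f):
        return {"ts": ts, "host": host, "source": "firewall", "action": f["action"],
                "src": f["src"], "dst": f["dst"], "dport": int(f.get("dport", 0))}
    return None


def analyze(lines):
    """Normalize raw lines, then run the health checks, reports and correlation rules."""
    events, unparsed = [], 0
    for line in lines:
        e = normalize(line)
        if e is None:
            unparsed += 1          # unparsed lines are a parser/health signal, not silently dropped
        else:
            events.append(e)

    # Health monitoring: peak EPS per source host, and onboarded sources that sent nothing.
    eps = Counter((e["host"], e["ts"]) for e in events)
    peak_eps = {}
    for (host, _), n in eps.items():
        peak_eps[host] = max(peak_eps.get(host, 0), n)
    silent_sources = sorted(EXPECTED_SOURCES - {e["host"] for e in events})

    # Daily report: account lockouts (Windows event ID 4740) per user.
    lockouts = Counter(e["user"] for e in events
                       if e["source"] == "windows" and e["event_id"] == 4740)

    # Correlation rule 1: repeated lockouts of one user at or above the threshold.
    lockout_alerts = sorted(u for u, n in lockouts.items() if n >= LOCKOUT_THRESHOLD)

    # Correlation rule 2: any connection attempt to a blocklisted IP. An allowed
    # connection is rated higher than a denied one, but both are reported.
    blocklist_hits = [
        {"src": e["src"], "dst": e["dst"], "dport": e["dport"],
         "severity": "high" if e["action"] == "allow" else "medium"}
        for e in events if e["source"] == "firewall" and e["dst"] in BLOCKLIST
    ]

    return {
        "parsed": len(events), "unparsed": unparsed,
        "peak_eps": peak_eps, "silent_sources": silent_sources,
        "lockouts": dict(lockouts), "lockout_alerts": lockout_alerts,
        "blocklist_hits": blocklist_hits,
    }


if __name__ == "__main__":
    import json
    print(json.dumps(analyze(SAMPLE_LOGS), indent=2))
```

On the sample data the report shows dc01 peaking at 3 EPS, proxy01 silent (an onboarded source that sent nothing, which is the availability check in the list above), one unparsed line, a lockout alert for jsmith, and two blocklist hits of differing severity. The point of the severity split is that a denied connection to a known-bad address is evidence of infection or reconnaissance, while an allowed one means the control has already failed.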



Thanks & Regards…

------------------------------

Prabhat kumar

Tel: 856-842-1988 Ext - 143

Ventures Unlimited Inc.


Additional Information

If available, please contact me for more details at 856-842-1988 ext-143