Urgent Opening - SIEM/SOC Lead @ St. Louis, MO
Greetings from American IT Resource Group, Inc.
I would like to touch base regarding a position with one of our clients. I would appreciate it if you could go through the job details below and reply as soon as possible with your thoughts.
Role: SIEM/SOC Lead
Location: St. Louis, MO
Duration: 6+ months contract
- Onboard all the Log Sources to the SIEM Platform by using the appropriate data connectors in coordination with the Vendor for all the supported log sources.
- Enable out-of-the-box detection capabilities and alerting using the rule templates feature in the SIEM, based on the log sources.
- Enhance detection capabilities by creating custom rules tailored to the respective data and environment.
- Investigation of Security Alerts triggered on the SIEM Platform.
- Document and guide the team on alert triage and qualification into incidents or false positives.
- Document and guide the team on appropriate prioritization of qualified incidents, notification through the standard communication channel, and opening of corresponding incident tickets on the ticketing platform.
- Provide remediation recommendations for response to qualified security incidents with reference to appropriate security playbooks.
- Keep abreast of Cyber Threat Advisories on global threats and critical vulnerabilities; Recommend actions to be taken based on the customer environment
- Provide specific incident information to the security Incident Response Team towards resolution of a critical incident.
- Understand the root cause and prepare an analysis report when required.
Thanks & Regards,
Vasanth Kumar Sakthivel
American IT Resource Group Inc
VoIP: +1 (847) 598-4444 Ext: 8809
Mobile: +1 (315) 825-0516