
SIEM administration/Analyst L2 (Minimum)
Requirements
- Management and maintenance of the SIEM solution, ensuring that its health, availability, license utilization and storage-related areas are addressed.
- Continually reviewing and maintaining configured SIEM log sources for appropriate normalization and parsing of logs into the SIEM schema.
- Integrating the SIEM solution with assets including firewalls, routers, servers, applications and databases.
- Creating, fine-tuning and maintaining the SIEM use cases.
- Developing appropriate rules and use cases to notify SOC analysts.
- Ensuring the SIEM solution is upgraded according to requirements, on supported hardware and within vendor support.
- Ensuring periodic SIEM backups are taken in alignment with policy directions approved by management.
- Semi-annual health checks for the SIEM.
- Providing structured monthly reports to management on SIEM health status, highlighting availability status, license utilization, storage consumption etc.