Job Description
Develop and implement detection content for SIEM platforms, including Google Chronicle, Sumo Logic, and Splunk.
Configure and fine-tune use cases, correlation, grouping, and logical rules in SIEM tools.
Integrate new log sources, assets, and additional threat intelligence feeds with the SIEM.
Draft, test, and deploy YARA rules and Chronicle (formerly Backstory) detection rules.
Curate and update incident response guides.
Customize Sigma rules and stay current with the MITRE ATT&CK framework.
Develop threat detection content for datasets such as proxy, VPN, firewall, and DLP logs.
Assist in developing and improving Security Operations processes.
Identify gaps in existing security controls and propose new controls to close them.
Experience with Chronicle Backstory, the ELK Stack, YARA, or CrowdStrike rules is a plus.
Skills: Security Information and Event Management (SIEM), Google Chronicle, Sumo Logic, Splunk, and CrowdStrike