Monitor SIEM Console & Dashboards and provide response to the internal team on reported incidents.
Monitor and review the activities.
Monitor & Reporting of system components health and take necessary steps in case of any observed issue.
Perform analysis on the reported incidents, determine the root cause, recommend the appropriate solution by coordinating with Bidder team.
The onsite resource must coordinate with client vendor teams, other internal stake holders to mitigate reported observations/incidents until closure.
Should provide real time situational awareness to the Company stakeholders.
Use and apply learnings from incident and provide recommendation for standardizing the SIEM Solution.
Develop and implement processes for interfacing with operational teams and other supporting teams.
Design, create and customize the dashboards as per the Company's requirements.
Ensure the necessary SOC documents like operating procedures, configuration management, Low Level Design etc. are up to date with the changes made in their respective areas.
Work on Improvement of overall posture of SIEM deployment to achieve Best return on investment.
Should have good understanding on MITRE att&ck framework.
Above is illustrative list of general activities. All Technology specific activities Related to SIEM to be carried out.
