Principal Engineer - SIEM | On-site, Bangalore

Bangalore, India

Optiv

Optiv manages cyber risk so you can secure your full potential. Cybersecurity advisory services and solutions. Powered by the best minds in cyber.


The Principal Engineer will be responsible for creation of procedures, implementation of processes and development of staff for managing and maintaining security systems across internal and client environments.  The Principal Engineer will work closely with Management, Senior Engineers, Solution Architects, Senior Security Engineers, other Principal Security Engineers and clients to complete high profile, critical services to existing Managed Security Service clients.  Serve as a subject matter expert and team lead for Managed Security Services, staying in tune with all client configuration issues and all internal projects.

How you’ll make an impact:

  • Subject matter expert for onboarding SIEM components for existing and new clients.

  • Experience in a large enterprise environment analyzing security event data for attack patterns and understanding attacker tactics.

  • Experience in creating automated log correlations in a SIEM to identify anomalous and potentially malicious behavior.

  • Working experience with threat intelligence teams to interpret IOCs and use them efficiently for alerting.

  • Experience using multiple online sources in order to identify new threats.

  • Understanding of monitoring devices and sources such as firewalls, network and host-based intrusion detection systems, web applications, AV, WAF, proxy, and operating system logs.

  • Create technical documentation around the content deployed to the SIEM.

  • Ability to partner with anomaly detection and incident responders to improve data quality and reduce false positives.

  • Ability to recognize patterns and inconsistencies that could indicate complex cyber-attacks.

  • Experience in developing SIEM correlation rules to detect new threats beyond current capabilities.

  • Manage appliance or virtual appliance OS and SIEM software.

  • Create innovative solutions to automate and reduce timeframes for operational changes as well as the initial installation of the platform.

  • Create rules for compliance and audit requirements and create and manage Watch Lists for current threats.

  • Configure backups, verify custom reports, manage log source groups, and validate log sources with the client.

  • Review and apply any newly available and applicable SIEM and/or appliance/virtual appliance software or policy updates monthly.

  • Perform formal Health Check and administrative password change.

  • Perform formal Architectural Review.

  • Create custom rules/rule modifications and custom reports/ report modifications as needed.

  • Manage SIEM user accounts (create, delete, modify, etc.).

  • Add/remove log sources. Troubleshoot issues with log sources or systems with the vendor, and report system defects as needed.

  • Manage product enhancement/feature requests with vendors as needed.

  • Perform software upgrades, updates, and patches as needed.

  • Create client-specific Watch Lists if necessary.

  • Perform technical account management duties for specific top-tier, strategic clients.

  • Responsible for major SIEM client environmental changes including upgrades.

  • Create custom documentation for internal and external needs.

  • Responsible for mentoring and training of SIEM Engineer II employees.

  • Attend vendor-specific meetings and conferences for business and professional development.

  • Responsible for testing and configuring new products and technologies.

What we're looking for

  • Bachelor of Science degree in Computer Science or related field is required.

  • 8+ years of experience in SIEM.

  • Strong presentation and verbal communication skills.

  • Work with internal teams and client teams.

  • Work with service teams to secure various technologies.

  • Ensure the security of the customer's environment.

  • Responsible for testing and configuring new products and technologies.

  • Assist with designing and documenting work processes within the SOC.

  • The role requires availability during US working hours (5 PM to 2 AM IST).

  • This is a work-from-office role.

What you can expect from Optiv

  • A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
  • Work/life balance
  • Professional training resources
  • Creative problem-solving and the ability to tackle unique, complex projects
  • Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
  • The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv is an equal opportunity employer (EEO). All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities.  For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.
