SIEM Google SecOps Manager

Virtusa

Job Location:

Bengaluru - India

Monthly Salary: Not Disclosed

Posted on: 9 hours ago

Vacancies: 1 Vacancy

Job Summary

SIEM Google SecOps Engineer

1. Should have end to end experience SME in Google SecOps engineering with Google Chronicle Google Threat Intelligence platform management experience.
2. Should have deep expertise in all modules of Google SecOps GTI and case management.
3. Lead the design and implementation of Google SecOps data ingestion from diverse sources and using various mechanisms for integration and normalization of logs.
4. Architect and maintain robust log ingestion pipelines from diverse log/data sources ensuring comprehensive data collection normalization and parsing.
5. Should have high proficiency and technical knowledge on Bindplane agents and its management components.
6. Should have practical & technical experience in building SecOps log forwarders and end to end management of the component.
7. Should be an expert in building UDMs in Google SecOps and creation of custom parsers where required for log sources.
8. Should have good practical experience in developing and implementing playbooks custom detection rules dashboards and reporting.
9. Automate SIEM tasks workflows and integrations using scripting languages (e.g. Python) to improve efficiency and scalability.
10. Create optimize response workflows improve threat detection capabilities and provide expert-level support during security incidents.
11. Collaborate with internal engineering teams to fine-tune log sources parsers and detection rules to improve alert fidelity.
12. Design develop implement and optimize advanced correlation rules use cases and detection logic within the enterprise SIEM platform.
13. Develop and refine high-fidelity security alerts dashboards and reportsto enhance threat identification reduce false positives and provide actionable insights.
14. Design and implement solutions to handle alert fatigue encountered in SIEM correlation.
15. Develop SOAR playbooks to provide case handling and Incident response as per triage needs.
16. Develop and maintain comprehensive SIEM documentation including system architecture diagrams data flow diagrams log source configurations alert rationale.
17. Contribute to the long-term vision and roadmap for SIEM and threat detection capabilities. Identify gaps and opportunities for improvement in existing detection strategies and recommend solutions.

Required Experience:

Manager

SIEM Google SecOps EngineerShould have end to end experience SME in Google SecOps engineering with Google Chronicle Google Threat Intelligence platform management experience.Should have deep expertise in all modules of Google SecOps GTI and case management.Lead the design and implementation of Googl...

SIEM Google SecOps Engineer

1. Should have end to end experience SME in Google SecOps engineering with Google Chronicle Google Threat Intelligence platform management experience.
2. Should have deep expertise in all modules of Google SecOps GTI and case management.
3. Lead the design and implementation of Google SecOps data ingestion from diverse sources and using various mechanisms for integration and normalization of logs.
4. Architect and maintain robust log ingestion pipelines from diverse log/data sources ensuring comprehensive data collection normalization and parsing.
5. Should have high proficiency and technical knowledge on Bindplane agents and its management components.
6. Should have practical & technical experience in building SecOps log forwarders and end to end management of the component.
7. Should be an expert in building UDMs in Google SecOps and creation of custom parsers where required for log sources.
8. Should have good practical experience in developing and implementing playbooks custom detection rules dashboards and reporting.
9. Automate SIEM tasks workflows and integrations using scripting languages (e.g. Python) to improve efficiency and scalability.
10. Create optimize response workflows improve threat detection capabilities and provide expert-level support during security incidents.
11. Collaborate with internal engineering teams to fine-tune log sources parsers and detection rules to improve alert fidelity.
12. Design develop implement and optimize advanced correlation rules use cases and detection logic within the enterprise SIEM platform.
13. Develop and refine high-fidelity security alerts dashboards and reportsto enhance threat identification reduce false positives and provide actionable insights.
14. Design and implement solutions to handle alert fatigue encountered in SIEM correlation.
15. Develop SOAR playbooks to provide case handling and Incident response as per triage needs.
16. Develop and maintain comprehensive SIEM documentation including system architecture diagrams data flow diagrams log source configurations alert rationale.
17. Contribute to the long-term vision and roadmap for SIEM and threat detection capabilities. Identify gaps and opportunities for improvement in existing detection strategies and recommend solutions.