JSAMP SIEM Admin Job

Education Qualification Requirements:
B.Tech (Computer Science/IT/Electronics/Communication Engineering) with min 60% marks

Desirable CEH

Experience - 4 - 8 Years

Responsibilities
Development of correlation rules to detect cyber-attacks and insider threats.
Development of trend analysis graphs (SIEM Dashboards) for critical events based on event correlation.
Develop JSAMP/ Azure Sentinel playbooks/workbooks and train SOC monitoring team on JSAMP(Wazuh) platform.
Evaluate existing Elastic clusters, configuration parameters, indexing, search and query performance tuning, troubleshooting, security and administration.
Focus on performance tuning and improving performance by understanding optimization and looking into several scenarios
JSAMP deployment on Cloud platforms and containers.
Designs, implements, and configures Kibana visualizations as required.
End to end ELK data Ingestion, enrichment, transformation and visualization
Qualitative Requirements
2+ years experience in ELK stack designing, development and management.
4+ years experience in cyber security domain.
Well versed with relevancy scoring and analytical application of Elasticsearch with knowledge in data science.
Strong experience in grok filters, Xpack, metrics, cluster management, pipelines
Relevant experience in Java and Linux (2-3 years)
Exposure to architectural patterns of a large, high-scale applications, well-designed APIs

Information above is Internshala's interpretation and paraphrasing of what we found on the shared link.