Job Description

Weare seeking a highly skilled and experienced LogRhythm L3 Sr. Tech Lead Security Engineering Subject Matter Expert (SME) to join our cybersecurityteam. The ideal candidate will have extensive expertise in Security Informationand Event Management (SIEM), SOAR, User and Entity Behavior Analytics (UEBA),and Network Monitoring (NetMon) using LogRhythm. This role involves advancedtroubleshooting, system optimization, and ensuring the security of our networkinfrastructure. 5. KRAs of the role This is a core technical IC role which requires candidateto be hands on and ability to deliver the below tasks independently. > Ownership ofSIEM platform in terms of administration and management (should be currentlyperforming this role) a. Ensuring platform and serviceuptime. b. Efficient management of theplatform to ensure proper performance. c. Upgrade and updates (KBs)/patch as per OEM. d. Platform capacity management. e. Administration and managementof underlying Infrastructure Layer. f. Log Source Integration toinclude development of custom parsers for non-supported log sources. g. Integration with otherplatforms like Threat Intelligence. h. Configuration of SOAR plugins. i. Advanced troubleshooting ofthe SIEM platform. j. Problem management. Working closely with OEM. k. Configuration of rules reportsand dashboards based on inputs from monitoring team. l. Documentation of RCAs formajor incidents > Otherskills required a. Ability to interact with andmanage customer stakeholders in the context of platform management. b. Good team working skills andcommunication. 6. Technology and skills a. SIEM: LogRhythm is mandatory. b. SOAR: SIEM native of any thirdparty. c. UEBA Management: Configure, maintain,upgrade, and optimize the LogRhythm UEBA module to detect and respond toanomalous user activities. d. NetMon Management: Oversee thedeployment, configuration, and maintenance of LogRhythm NetMon to ensurecomprehensive network visibility. e. System Integration: Integratevarious data sources and security tools with SIEM, SOAR, UEBA, and NetMonplatforms to enhance visibility and detection capabilities. f. Technical Support: Provideadvanced technical support and troubleshooting for SIEM, SOAR, UEBA, andNetMon-related issues. g. Content Development: - Developand fine-tune detection use cases, and custom Reports / Dashboard to improvedetection capabilities and reduce false positives. And LogRhythm SOAR pluginsconfiguration (Standard / Customization). h. Threat Intelligence and BrandMonitoring. i. Scripting: Regex is mandatory. j. Knowledge of scriptinglanguages (e.g., Python, PowerShell) for automation. k. OS: Windows and Linux(intermediate skills). l. Good knowledge of securitydomain is mandatory.