| SIEM Engineer at Remote, Remote, USA |
| Email: [email protected] |
| From: Roshan, Triwavesolutions [email protected] Reply to: [email protected] The SIEM Engineer is responsible for designing, implementing, and managing the Microsoft Sentinel SIEM solution to collect, analyze, and visualize data from various sources within the Judiciary. This role involves managing the SIEM environment, creating dashboards, and ensuring the effective use of SIEM's capabilities to monitor, detect, and respond to security threats and operational insights for the consumption of the Security Analysts. The Microsoft Sentinel SIEM Engineer will work closely with security analysts, and stakeholders to optimize data intelligence and drive informed incident detection and response. 2. Essential Functions: a. SIEM Configuration: (1) Design and deploy SIEM resources, including configuring analytics rules, playbooks, Azure logic apps and data connectors, to support data collection and analysis needs. (2) Optimize SIEM configurations to ensure efficient data storage, retrieval, and search capabilities. b. Data Collection and Integration: (1) Collaborate with system owners to identify available data sources and drive initiatives to ingest that system data. (2) Develop data ingestion strategies, create data inputs, and set up data source integration for various log and event data types. (3) Design and implement data normalization and transformation processes for consistent and accurate analysis. c. Dashboard and Visualization Development: (1) Design and create interactive dashboards, reports, and visualizations using SIEM's capabilities. (2) Present data insights in a clear and actionable manner to support decision-making processes. (3) Develop data visuals for the SOC displays screens Keywords: SIEM Engineer [email protected] |
| [email protected] View all |
| Tue Jul 09 18:06:00 UTC 2024 |