CONSULTANT
Description:
Requisition Number
1416699BR
Job
Specialist
Experience
4.5-8 Years
Job Description (Posting).
We are a $13+ billion global technology company, home to more than 224,000 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud, and AI, powered by a broad portfolio of technology services and products.
HCLTech is a globally recognized leader in the Tech and IT industry, but we’ve never forgotten the startup mindset that got us here. We’ve always approached our work with an idea-first attitude because every one of our accomplishments —no matter how big or small —can be traced back to an idea’s single spark.
It’s that spark —that inner drive —that sets our people apart from our competitors. It enables us not just to pull off game-changing feat after game-changing feat but to better our world in the process. We want you to find your spark. Because that’s what drives you to be better, be more and ultimately, be more fulfilled.
Responsibilities:Leadership and Operations:
Lead the day-to-day operations of the security operations center (SOC) to protect the organization and its customers.
Investigate security incidents and coordinate response efforts.
Maintain engineering and security documentation.
Assist customers in optimizing SIEM system capabilities, including audit and logging features.
Create technically detailed reports on the status of the SIEM system.Deployment and Configuration:
Deploying QRadar Infrastructure: Responsible for deploying, configuring, and maintaining the overall QRadar infrastructure based on a holistic deployment architecture.
Health Checks: They perform health checks to ensure that the QRadar solution meets key performance indicators.
Audit and Monitoring: Regularly audit the SIEM system in the customer environment to ensure its effectiveness.Architecture and Design:
Understand the architecture of QRadar, which consists of various components such as data nodes, app hosts, and high availability (HA) configurations.
Familiarize themselves with data nodes and data storage mechanisms within QRadar.
Manage and maintain the app host, which plays a crucial role in extending QRadar’s capabilities through apps and extensions3.
Architect and implement high availability and disaster recovery solutions for QRadar deployments.
Configure and manage cloud based QRadar deployments.
Deploy and manage WinCollect Standalone and managed deployments.
Integration and Optimization:
Integrate QRadar with other security tools and platforms to enhance overall security posture and for response actions.
Optimization: Continuously optimize QRadar’s performance by tuning rules, modifying the base configuration, adjusting retention settings, and managing backups.
Managing support tickets with help of vendor support.
Apply Patches / Upgrades to the QRadar components, WinCollect and base platform to fix major vulnerabilities and issues.
Create custom parsers and connectors to integrate the log sources which are not supported out-of-box.
Qualifications:
Education: Typically, a relevant degree in Computer Science, Information Security, or a related field.
Certifications: Preferred certifications include CISSP, CISA, CEH, and SIEM-related certifications.
Technical Skills:
Familiarity with web proxies, Linux, and Windows operating systems.
Knowledge of regular expressions, data normalization techniques, and cyber security tools.
Understanding of intrusion detection methods and secured networks integration with the SIEM platform.
Proficiency in scripting and software development (e.g., Python, Perl, shell scripts etc)
Qualification
B-Tech, Master of Science, Master of Science in Technology
No. of Positions
1
Skill (Primary)
Information Security-SIEM expert-SIEM expert
Employee Group
Business Line FT
Entity
INFRA
Expected Date of Closure
11-Aug-2024
Reporting Manager Designation
ASSOCIATE DIRECTOR