Join our Talent Network
Skip to main content

Technical Lead - SIEM Content Development

Location: Bangalore, KA, India
Date Posted: Oct 22, 2021

Job Description

Description

Securonix provides the Next Generation Security and Information Event Management (SIEM) solution. As a recognized leader in the SIEM industry, Securonix helps some of largest organizations globally to detect sophisticated cyberattacks and rapidly respond to these attacks within minutes. With the Securonix SNYPR platform, organizations can collect billions of events each day and analyze them in near real time to detect advanced persistent threats (APTs), insider threats, privilege account misuses and online fraud. Securonix pioneered the User and Entity Behavior Analytics (UEBA) market and holds patents in the use of behavioral algorithms to detect malicious activities. The Securonix SNYPR platform is built on big data Hadoop technologies and is infinitely scalable. Our platform is used by some of the largest organizations in the financial, healthcare, pharmaceutical, manufacturing, and federal sectors.  
 
Securonix pioneered the User and Entity Behavior Analytics (UEBA) market and holds patents in the use of behavioral algorithms to detect malicious activities. The Securonix SNYPR platform is built on big data Hadoop technologies and is infinitely scalable. Our platform is used by some of the largest organizations in the financial, healthcare, pharmaceutical, manufacturing, and federal sectors.

Qualification:  

  • 8-10 Years of experience with developing use cases for detecting advanced cyber threats / insider threat scenarios
  • Expert knowledge of core security logs - Windows, Endpoint , Network etc. 
  • Experience running threat monitoring/hunting or  activities across a large environment with distributed providers, log sources, and assets.
  • Experience managing content library and experience in multiple lifecycle of content development 
  • Familiar with attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to hunts, investigations, and incident response.
  • Familiarity with compliance rules and regulations for cloud platforms
  • Experience developing detection content on SIEM/UEBA platforms 
  • Demonstrated ability to establish relationships and build rapport to influence colleagues at all levels, uncover issues, and identify resolutions 
  • Any of the following certifications are recommended but not mandatory: CISSP, SANS GCIH, GCIA, GNFA, GREM, CEH,OSCP
  • Thorough knowledge of information security components, principles, practices, and procedures.
  • Experience with the use case creation lifecycle from development , tuning/updates , investigation / playbooks 
  • Experience over on-call support and maintenance support of use case/content libraries
Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, and transfer, leaves of absence, compensation and training.
 
Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.
Save Job Saved
Share: mail

Similar Jobs