Integrate standard and custom (UDLA, Universal Database Log Adapter) log sources with the LogRhythm SIEM
Manage, develop and tune the scripts that feed and integrate with the SIEM
Create technical documentation around the content deployed to the SIEM
Monitor the impact of newly deployed content on the health and performance of the SIEM
Lead the enrollment of multi-tier application logs into the enterprise logging platforms
Develop the content needed to implement security use cases and turn them into correlation queries, templates, reports, rules, alerts, dashboards and workflow
Develop advanced scripts that query and manipulate multiple data repositories to support analyst requirements
Develop advanced reports to meet the requirements of key stakeholders
Develop scalable security management tools and processes
Develop advanced SIEM correlation rules, reports and dashboards to detect emerging threats
Engineer, configure and deploy enterprise SIEM/SEM solutions
Develop automation for managing security tooling
Collaborate with key stakeholders and Cyber Security to develop use cases that address specific business needs
Collaborate with application owners to define and establish logging standards that satisfy the relevant governance requirements
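As an added example (not part of the original posting, and not LogRhythm's own UDLA or AI Engine rule syntax), the Python below shows the two halves of a log-source onboarding and a use-case build in miniature: a parsing rule for a hypothetical custom application log, and a correlation rule ("N authentication failures followed by a success from the same user and source") run over constructed sample lines. The log format, field names, threshold and time window are all assumptions.

```python
"""Added illustrative example: custom log source parsing plus a correlation rule.
Not LogRhythm code; the log format, fields, threshold and window are assumed."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines from a hypothetical multi-tier app ("portal"); not real data.
# The last line is deliberately malformed to show how parse failures are handled.
SAMPLE_LOG = """\
2024-03-01T10:00:01Z portal auth user=alice src=10.1.1.5 result=FAIL
2024-03-01T10:00:03Z portal auth user=alice src=10.1.1.5 result=FAIL
2024-03-01T10:00:05Z portal auth user=alice src=10.1.1.5 result=FAIL
2024-03-01T10:00:07Z portal auth user=alice src=10.1.1.5 result=FAIL
2024-03-01T10:00:09Z portal auth user=alice src=10.1.1.5 result=FAIL
2024-03-01T10:00:12Z portal auth user=alice src=10.1.1.5 result=SUCCESS
2024-03-01T10:05:00Z portal auth user=bob src=10.1.1.9 result=FAIL
2024-03-01T10:05:30Z portal auth user=bob src=10.1.1.9 result=SUCCESS
this line is malformed and must be counted, not crash the parser
"""

# Parsing rule for the assumed custom source: one regex with named groups, the
# analogue of the tagged regex a SIEM custom log source definition would carry.
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<app>\S+) (?P<event>\S+) user=(?P<user>\S+) "
    r"src=(?P<src>\S+) result=(?P<result>\S+)$"
)


def parse_log(text):
    """Normalise raw lines into event dicts. Returns (events, unparsed_count)."""
    events, unparsed = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LOG_RE.match(line)
        if not m:
            unparsed += 1  # parse failures are a health signal for the source, not a crash
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(ev)
    return events, unparsed


def brute_force_then_success(events, threshold=5, window=timedelta(minutes=2)):
    """Use case: at least `threshold` auth failures for one (user, src) inside
    `window`, followed by a success from the same (user, src). Returns alerts."""
    failures = defaultdict(list)  # (user, src) -> timestamps of recent failures
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["event"] != "auth":
            continue
        key = (ev["user"], ev["src"])
        # Slide the window: drop failures older than `window` relative to this event.
        failures[key] = [t for t in failures[key] if ev["ts"] - t <= window]
        if ev["result"] == "FAIL":
            failures[key].append(ev["ts"])
        elif ev["result"] == "SUCCESS" and len(failures[key]) >= threshold:
            alerts.append({"user": ev["user"], "src": ev["src"],
                           "failures": len(failures[key]), "success_at": ev["ts"]})
            failures[key].clear()  # one alert per run of failures, no re-firing
    return alerts


def run(text=SAMPLE_LOG):
    """Parse the log and evaluate the rule; returns (alerts, unparsed_count)."""
    events, unparsed = parse_log(text)
    return brute_force_then_success(events), unparsed


if __name__ == "__main__":
    found, bad = run()
    for a in found:
        print(f"ALERT brute-force-then-success user={a['user']} "
              f"src={a['src']} failures={a['failures']} at={a['success_at']}")
    print(f"unparsed lines: {bad}")
```

On the sample input the rule fires once (alice: five failures then a success inside two minutes) and not for bob, and one line is reported as unparsed. That unparsed counter is the kind of per-source health metric worth surfacing when new content or a new log source is deployed; in a production SIEM the parsing lives in the log source's processing policy and the correlation in the rule engine, but the two concerns separate the same way.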
Skills
Onboarding log sources into the SIEM
Maintaining SIEM platform stability and health
Monitoring system capacity (storage, indexing and event throughput) so that the platform does not run into resource limits
Diagnosing and resolving incidents related to the platform
Resolving platform issues within SLA while keeping service impact minimal