Job Description
Location: Bangalore, Pune
Experience: 6 to 10 years
Platform Administration:
- Install, configure, and maintain LogRhythm SIEM platform components (collectors, processors, and storage).
- Manage system updates, patches, and upgrades to ensure platform security and functionality.
- Monitor the health and performance of the platform, ensuring high availability and reliability.
- Troubleshoot and resolve issues related to the LogRhythm platform, including data ingestion, alerts, and reporting.
- Perform periodic backups of configurations and ensure recovery processes are tested.
Security Monitoring & Event Management:
- Work with the security operations team to tune and optimize event correlation rules, policies, and alerts.
- Analyze and review LogRhythm logs and events to identify potential security incidents or vulnerabilities.
- Configure and maintain custom log sources and integrations, ensuring all necessary data is ingested into the platform.
- Collaborate with other IT teams to integrate additional security tools into LogRhythm (e.g., firewalls, IDS/IPS, endpoint protection systems).
Incident Response Support:
- Assist with investigating security incidents by providing insights from LogRhythm dashboards, reports, and logs.
- Create custom reports and alerts to aid in incident detection and response.
- Provide technical support to security analysts during incident investigations.
Reporting & Dashboards:
- Develop and maintain customized dashboards and reports tailored to the organization's security requirements.
- Create automated reports for compliance and audit purposes.
- Provide visibility into security metrics and key performance indicators (KPIs) to stakeholders.
Performance Optimization:
- Continuously assess and improve the performance of the LogRhythm platform, ensuring efficient data processing and storage.
- Identify and address any performance bottlenecks related to data ingestion, correlation, and reporting.
Collaboration & Documentation:
- Collaborate with internal teams to identify and address emerging security threats.
- Maintain clear and comprehensive documentation for platform configuration, processes, and incident resolution.
- Train and support team members on LogRhythm best practices and usage.
Compliance & Security Standards:
- Ensure the platform is configured to comply with industry regulations (e.g., GDPR, HIPAA, PCI DSS).
- Conduct periodic reviews of platform configurations to ensure alignment with internal security policies.
Required Skills and Qualifications:
Education:
Bachelor's degree in Information Security, Computer Science, or a related field, or equivalent experience.
Experience:
- Minimum of 4-6 years of experience in managing SIEM platforms, preferably with LogRhythm.
- Experience with LogRhythm deployment, administration, and troubleshooting.
- Strong understanding of security technologies (firewalls, IDS/IPS, endpoint protection, etc.).
- Knowledge of log management, event correlation, and incident response workflows.
Technical Skills:
- Hands-on experience with LogRhythm platform components (Collectors, Processors, and Storage).
- Familiarity with Linux/Unix and Windows server environments.
- Knowledge of scripting languages (e.g., Python, PowerShell) for automation and customization.
- Familiarity with network protocols (e.g., TCP/IP, HTTP, DNS).
- Experience with creating and managing alerts, dashboards, and reports.
- Knowledge of security frameworks (NIST, CIS, etc.) and compliance regulations.
Preferred Skills:
- LogRhythm certifications (e.g., LogRhythm Certified Security Engineer).
- Experience with other SIEM platforms (Splunk, QRadar, etc.) is a plus.
- Experience with cloud environments and cloud-native SIEM solutions.
- Strong understanding of threat intelligence platforms and integration.
Soft Skills:
- Strong problem-solving and analytical skills.
- Ability to work under pressure and prioritize tasks effectively.
- Excellent communication skills, both verbal and written.
- Ability to work independently.