Job Description

Associate Security Consultant MAHIN-JOB-32157
Location: [SAN FRANCISCO]
Google Chronicle SIEM Job Description: The SME/Team Lead will be responsible for designing and administering the Google Chronicle SIEM platform. Work with asset owners to ensure the timely and efficient collection of security events for the purpose of detecting and responding to information security incidents. Roles & Responsibilities: ¿ Assists in Chronicle log collection platform design, testing and implementation. ¿ Deep expertise on different log sources integrations for data enrichment, API based integrations and building custom parsers. ¿ Hands on experience in working with cloud assets, especially supporting SIEM deployment in SaaS environment. ¿ Activates devices for log collection with certificates or agents. ¿ Troubleshoot forwarder issues. ¿ Monitor the infrastructure for capacity planning, system health, availability, and optimization. ¿ Verify custom reports, manage log source groups, and validate log sources with clients. ¿ Maintain a close partnership with Google on feature requests, upgrade planning, and product roadmap alignment. ¿ Perform supporting tasks such as system hardening, high availability configurations, and developing backup strategies. ¿ Identify and implement Automation opportunities in project. ¿ Review and apply any newly available and applicable updates on SIEM components routinely. Professional & Technical Skills: ¿ At least 8+ years of experience in Information Security, Risk Management, Infrastructure Security and Compliance ¿ 2+ years of hands on experience on Google Chronicle administration or development with good Understanding on Chronicle environments. ¿ 4+ years of experience in designing, administering, troubleshooting SIEM tools (e.g., Splunk, QRadar etc.) ¿ Expert in development of Regular Expression (REGEX) ¿ Any Security device Installations, Configuration, and troubleshooting (e.g., firewall, IDS, etc.) ¿ Hands on experience in supporting Google Cloud Platform, AWS/Azure Assets, especially supporting Chronicle deployment in GCP. ¿ Mid level expertise in UNIX, Linux, and Windows ¿ Excellent verbal and written communication skills ¿ Excellent time management skills Additional Information: ¿ Experience working in a diversified, virtual environment. ¿ Scripting experience in any language. ¿ Experience in data manipulation and regular expressions. ¿ Certifications such as ECSA, ITIL, GIAC GCIA, GCP, AWS/Azure/Cloud based Certifications. ¿ Advanced Certification from any SIEM vendor on products such as Splunk, QRadar, McAfee Nitro, etc. Education Keylent Inc

Job Tags

Remote job,

Similar Jobs