SIEM (Security Information and Event Management) PA / SA Level
PA Level 2 to 3 years
SA Level 5 to 9 years
Primary Skills : Security Devices Integration, Platform Upgradation, SIEM Administration, QRadar
Location : Chennai / Bangalore / Hyderabad / Anywhere in India
Should have active experience in administration and configuration of SIEM platform (Market leaders) for minimum 6 years.
IBM QRadar SIEM working experience will be an added advantage.
Should have sound / good technical knowledge in SIEM platform components and applications.
Should have hands-on experience in implementation of SIEM product / tool at On-Prem and Cloud, including capacity and infra-augmentation activities.
Should have technical problem-solving skills in terms of logging, integration approach, tasks / project handling.
Should have good knowledge of how infra and application security works in cloud platforms like Azure, AWS, Google, Oracle, etc., and should have hands-on experience incorporating logs / events / flows from cloud into SIEM tools.
Should have coordinated with different stakeholders / support to find the cause and solve SIEM platform specific and related issues.
Should have knowledge in creating and configuring different types of custom content like rules / algorithms, reports, dashboards in SIEM
Should have an ability to integrate any third party or custom log / application integrations in SIEM
Should have the ability to write custom DSM and integrate logs from third party systems, which are not supported natively in SIEM.
Should have worked in onboarding logs from public cloud environments like Azure, AWS, GCP and OCI
Should have done SIEM platform health checks, including documentation and reporting of actionable items.
Should have experience in multi-vendor products integration with SIEM both in supported and custom approaches.
Having IBM QRadar platform certifications on Administration / Deployment will be an added advantage
Candidate having scripting knowledge, especially in Python, shell and Perl, will be an added advantage
Having hands-on usage of SIEM for insider threat detection would be an added advantage.
Having hands-on experience with QRadar apps like UBA, Use Case Manager, QDI, Pulse will be an added advantage.
Employee Status : Full Time Employee
Travel : No
Job Posting : Mar 16 2021
Cognizant (Nasdaq-100 : CTSH) is one of the world's leading professional services companies, transforming clients' business, operating and technology models for the digital era.
Our unique industry-based, consultative approach helps clients envision, build and run more innovative and efficient businesses.
Headquartered in the U.S., Cognizant is ranked 194 on the Fortune 500 and is consistently listed among the most admired companies in the world.
Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us @Cognizant.