• SIEM implementation and design, SIEM administration, and custom query writing / custom dashboard creation
• Experience with SIEM / IDS / IPS / Vulnerability Assessment
• Experience with antimalware solutions
• Developed and tested security alarms and alarm logic based on various data sources that feed the Security Information Management platform.
• Implemented enterprise-wide event correlation, including rules development, reporting and alerting in near real time, for customers and for internal use.
• Developed alarming strategy for new feeds to the Threat Management platform.
• Developed tools (queries, reports, etc.), zoning, asset categorization and asset modelling.
• Performed parser development for devices that are not supported by Splunk.
• Identified improvements to the alarming strategy for existing feeds.
• Worked on the Support Security Event Monitoring project, which included network technology, and collected log information from various sources and departments to validate data for Security Event Monitoring / Incident Management.
• Conducted research to set direction and strategy, especially in relation to the Security Event Monitoring project.
• Drafted conceptual and logical architecture specifications, with a focus on established process, at both enterprise and project levels.
• Diagnosing and resolving issues and problems with clients' information technology systems involving several processes.
• Investigating causes, analysing and diagnosing the problem, and repairing it or providing detailed alternative solutions.
Any Full time Graduate (10+2+3/4)
Vasavi: 040 - 49084408