{bc}
naukri

Lead SOC Engineer (SIEM)

Group 42
Abu Dhabi, UAE
Senior
7 months ago
engineeringdesignproject managementmaintenancequality controltechnical
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

engineeringdesignproject management
Smart Apply

Full Job Posting

Key Responsibilities

  • Deliver and Lead Splunk SIEM management services within the SOC environment.
  • Architect scalable and resilient Splunk-based SIEM solutions.
  • Define data ingestion strategies, parsing logic, and correlation rules.
  • Collaborate with the asset owner, client stakeholder, and SOC, in onboarding new log sources to the SIEM platform.
  • Maintain and govern SOC critical log sources, ensuring their proper functionality and integration with Splunk SIEM.
  • Detect log source issues, coordinate with customers to diagnose and resolve them in a timely manner.
  • Enhance and optimize telemetry within the Splunk environment to improve data collection, correlation, and reporting.
  • Collaborate with SOC and threat intelligence teams to develop detection use cases.
  • Implement dashboards, alerts, and reports for proactive threat monitoring.
  • Perform regular system updates to ensure Splunk functionality and security are up to date.
  • Resolve Splunk-related issues promptly and efficiently.
  • Proficiency in field extractions, data normalization, and CIM (Common Information Model) compliance.
  • Maintain the performance of the Splunk SIEM according to established best practices.
  • Participate in continuous process improvements to increase SOC efficiency and effectiveness.
  • Provide regular and accurate reports on Splunk services and SOC operations to relevant stakeholders.
  • Contribute to SOC architecture strategy and implementation initiatives related to Splunk in the pre-sales phase when required.
  • Plan and execute Splunk version upgrades and feature rollouts.
  • Evaluate and deploy new Splunk apps and add-ons.

Characterstics

  • Profound knowledge and hands-on experience with Splunk SIEM and other related technologies like CRIBL.
  • Understanding of SOC workflows, MITRE ATT&CK framework, and threat detection methodologies.
  • Ability to correlate data across multiple sources to identify patterns and anomalies.
  • Strong understanding of cloud and network technologies, essential for efficient log source onboarding.
  • Proven technical capabilities in a complex, fast-paced SOC environment.
  • Ability to diagnose and troubleshoot log source issues related to cloud and network infrastructures.
  • Strong understanding of SOC operations, cybersecurity principles, and best practices.
  • Excellent problem-solving skills and the ability to make decisions under pressure.
  • Ability to collaborate effectively with a variety of team members, including interfacing with customers to resolve issues.
  • High proficiency in written and verbal communication

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Group 42