CD- SIEM Content Development-Arcsight/ LogRhythm /Sentinel/Splunk-Senior Associate -Bangalore

PwC

Bangalore, Karnataka
Permanent
Full-time

2 months ago

Line of Service AdvisoryIndustry/Sector Not ApplicableSpecialism Cybersecurity & PrivacyManagement Level Senior AssociateJob Description & Summary A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.The Threat Detection team works with clients to detect cyber threats, identify malicious activity that could compromise the network and help with mitigation efforts before the threat can present vulnerabilities.To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

Year of Experience

4-8 Years
Position Requirements
Minimum of 4-8 years of prior experience in SIEM Technologies, Information Security Expertise in SIEM
solutions like Splunk, ArcSight and Azure Sentinel Tools.
Expertise in building use cases around NIST and MITRE ATT&CK framework to enable detection at various stages of a cyber attack.

Implementation of use cases using SPL/KQL with complex correlation across different data sources.
Development of dashboards/workbooks, alerts.
Implementation of SOAR workflows using Logic Apps, Phantom, Demisto etc

Preferred Knowledge

Basic knowledge of User Entity Behaviour, Machine Learning models.
Scripting knowledge of python is an added advantage.
Assist in administration, maintenance and optimization of the Splunk Enterprise and Splunk ES.
Integrating log sources with Sentinel using REST API.
Working knowledge of all architectural components of SIEM
Knowledge about cloud environment and hybrid environments

Implementation of clustered environment and related concepts such as High availability, parallel
processing etc.
Working knowledge in Azure services like Security center, azure monitor, log analytics, NSG, Storage,
Azure Functions,defender ATP, etc.

Experience of threat intelligence and threat hunting is added advantage.

Preferred Skill
SIEM Technologies, Information SecurityExpertise in SIEM solutions like Splunk, ArcSightand Azure
Sentinel Tools.

KQL/SPL

Professional and Educational Background

Bachelor's Degree Preferred.

Additional Information

Line of Service: Advisory

Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)Required SkillsOptional SkillsDesired Languages (If blank, desired languages not specified)Travel Requirements Not SpecifiedAvailable for Work Visa Sponsorship? NoGovernment Clearance Required? NoJob Posting End Date

PwC

Apply Now