Siem

Client of FiniteHR, IT Product Development Company

Our Client CMS Info systems is looking for SIEM

About our Client: http://www.cmsitservices.com/

Job Designation: SIEM

Job Location: Mumbai

Experience: 3-5Years.

Requirements:

1. Log and context data collection

• Collect all logs including operational logs and custom application logs

• Configuration of different technology devices by using agent-based\ agentless methods.

• Configuration of ODBC settings.        

2. Administration and Maintenance

• Configuration of device\host

• Daily Heath check of tool

• Vendor coordination for SIEM Tool Operational / Hardware issue. 

• Creation and modification rules and queries ( complex rules by aggregating more than two conditions)

• Creation and modification rules and queries

• Configuration and modification of alerts

• Troubleshooting of all errors in SIEM tool.

3. Monitoring and Analysis

• Daily Monitoring of Alerts.

• Daily Monitoring of Dashboards.

• Escalation of alerts as per defined process.

• Logging of tickets in ticketing tool.

• Assigning Tickets to respective owner for their response as per defined process

• Analysis of Critical Logs as defined by defined process.

• Follow-up on tickets till closure.

4. Alerting and Notification

• Configuration of alerts and notifications for all critical events of all on boarded technology

• Modification of alerts and notification

• Notifying Information Security team in case of any operational issue.

5. Reporting

• Daily Monitoring of Reports.

• Configuration of reports as per requirement.

• Scheduling of reports as per requirement.

• Configuration and customization of dashboards.

• Configuration of specific compliance reports as per requirement.

6. Log Retention

• Retain the logs as per defined process.

7. Proposed SLA and Penalty Clause

SLA Structure

Deliverables Resolution\ Deliverable Time Target Performance Measurement Frequency

Resolution of hardware issues T+1 100% As per occurrence

Resolution of software operational issues Within 4 hrs 100% As per occurrence

Closure of Critical Events T+1 99% Weekly

Closure of non-critical events T+2 97% Weekly

Reporting and Dashboard As per set Frequency 100% Daily\Weekly\Monthly

This is an Immediate Opportunity candidate with less than one month notice will be preferred.

Please ignore this mail if the above profile doesn’t match with your current Job Role.

Thank you for your Valuable Time

Hoping for a Prompt Response!!!

Best regards,

Eswar-Recruiter

FiniteHR Consulting Pvt Ltd

All your information will be kept confidential according to EEO guidelines.