Your key responsibilities

• Engineer, implement & support SIEM platforms (Chronicle, Sentinel & Splunk)
• Incident & Problem Management, Change & Release Management, Vendor Management, Capacity Management functions for the platform
• Provide production support for the platform as part of the team to ensure smooth operations, system function & system health
• Proficiency developing log ingestion and aggregation strategies
• Hands-on experiences with Sentinel SIEM administration, Configuration, and management of solutions.
• Experience with policy tuning, customization, implementation of best practices, determine specific value driven use cases, and fully integrate the solution into the environment.
• Good understanding about terraform & deployments.
• Understanding of MITRE ATT&CK and NIST Cyber Security Frameworks standards and implement on DB SIEM (Chronicle, Sentinel and Splunk).
• On-board new data sources into Chronicle, Sentinel analyze the data for anomalies and trends and build dashboards highlighting the key trends of the data.
• Contribute to product architecture, engineering & roadmap for the multi SIEM platform
• Develop security-focused content for Chronicle/Sentinel, including creation of complex threat detection logic and operational dashboards
• Work with cross-functional teams to proactively improve on existing integration automation/workflows.
• Maintain up-to-date knowledge of technology standards, industry trends, emerging technologies, and cyber security best practices.
• Ensure technical issues are quickly resolved and help implement strategies and solutions to reduce the likelihood of recurrence.
• Passionate about data to drive information-based security analytics
• Manage backend functionalities for Chronicle
• Work with end users to understand and define the requirements
• Recommend GCP best practices for implementation
• Create Operational Documents for process