Consultant - Security Information and Event Management (SIEM) Job in Delhi at Deloitte

Deloitte is hiring for the role of Consultant - Security Information and Event Management (SIEM)!

Responsibilities of the Candidate:

• Monitor and analyze security event logs from various systems, devices, and applications via the LogRhythm SIEM platform.
• Respond to and investigate security alerts generated by LogRhythm, assessing the severity and impact.
• Identify and escalate potential security incidents based on predefined criteria, ensuring appropriate action is taken.
• Perform initial analysis on security alerts to determine if they are false positives or require further investigation.
• Classify incidents based on their severity and impact, following standard operating procedures for escalation.
• Collaborate with higher-level engineers and security teams to investigate and resolve security events.
• Maintain accurate and timely documentation of security events, incidents, and actions taken.
• Assist in generating daily, weekly, and monthly security reports for internal stakeholders.
• Assist in the maintenance and configuration of LogRhythm SIEM, ensuring proper data ingestion, parsing, and normalization of logs.
• Support continuous improvement of detection and alerting capabilities by working closely with senior engineers to refine detection rules, correlation rules, and use cases.
• Work closely with other security engineers, SOC analysts, and incident response teams to ensure effective incident resolution.
• Communicate findings clearly and effectively to both technical and non-technical stakeholders.
• Stay up to date with the latest security trends, vulnerabilities, and technologies to enhance the organization's security monitoring capabilities.
• Participate in training and development to increase expertise in security operations and the LogRhythm platform.

Requirements:

• Hands-on experience with LogRhythm or other SIEM platforms (such as Splunk, QRadar, or ArcSight) is highly desirable.
• Basic knowledge of networking protocols (TCP/IP, HTTP, DNS, etc.), firewalls, intrusion detection/prevention systems (IDS/IPS), and other security technologies.
• Familiarity with common security tools, including antivirus, EDR, and vulnerability management tools.
• Prior experience in a Security Operations Center (SOC), IT security, or incident response role is preferred, but not required.
• Experience in event log analysis and understanding of common attack vectors and techniques.
• Strong analytical and problem-solving skills.
• Excellent communication skills, both verbal and written.
• Ability to work effectively under pressure and handle multiple tasks simultaneously.
• Certifications (Preferred but not required):
• CompTIA Security+, CEH or similar certifications.
• LogRhythm Certified Security Analyst or other SIEM-specific certifications are a plus