SIEM Engineer

Posted 3 Days Ago
Be an Early Applicant
Pune, Maharashtra
Junior
Information Technology • Security • Cybersecurity
The Role
As a SIEM Engineer, you will manage and optimize the Elastic Stack environment to enhance security, define alert logic, improve SIEM performance, evaluate incident responses, conduct threat research, and develop automated security workflows, while staying informed about emerging threats.
Summary Generated by Built In

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Job Description - As a SIEM Engineer, you will hold a pivotal position within our SIEM Engineering & Administration team. Your primary responsibility will be to fortify the security infrastructure of Qualys by meticulously managing and optimizing the Elastic Stack environment. This includes Elastic Search, Kibana, Beats, and Logstash components. Your expertise will be instrumental in ensuring the confidentiality, integrity, and availability of our critical data.

Responsibilities -:

  • Comprehensive knowledge in defining alert logic and write security use-cases with a focus on threat detection and incident response.
  • Continuously evaluate and improve the performance and efficacy of the SIEM by tuning existing rules and integrating new data sources.
  • Participate in regular incident postmortem exercises, with a focus on deficiencies requiring additional attention.
  • Expertise with SIEM systems and security log analysis and event correlation.
  • Detailed technical experience with Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), attack methodologies and traffic flows for threats and vulnerabilities.
  • Contribute expertise in the following areas: threat hunting, red/blue team engagements, threat intelligence, data analysis, risk management, governance to a global team.
  • Leverage Risk Based Analytics to prioritize and manage security events based on risk scores to enhance effectiveness and accuracy of threat detection and response.
  • Threat research and threat hunting to identify emerging tactics, techniques, and procedures (TTPs) to build detection requirements using an intelligence driven approach
  • Partner with the security engineering team to mature monitoring and response capabilities.
  • Design automated workflows, develop automated security response playbooks and integrate security technologies with SOAR platforms.
  • Own the development and operation of automation and orchestration tools to reduce manual tasks.
  • Stay ahead of, and remain knowledgeable about, new threats and tactics. Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large network of devices and end-user systems.
  • Provide security guidance on existing and emerging cyber security threats.
  • Knowledge of Cloud platforms (AWS, Azure, GCP,OCI)

Qualifications -:

  • 1–3 years of experience in cybersecurity on writing security use-cases
  • Leverage various technologies in a very high paced team including: Sigma, Yara, ElasticSearch, Git and Python.
  • Experience with SOAR tools
  • Detailed understanding of security architecture principals and best practices.
  • In-depth understanding of Windows operating systems administration
  • In-depth understanding of networking or network administration
  • Previous experience conducting adversary emulation
  • Previous experience using cyber intelligence analysis or threat intelligence reports
  • Knowledge or application of the MITRE ATT&CK Framework
  • Basic experience with anomaly detection based on security systems
  • Basic experience using an IDS eg., Snort
  • Basic command of Linux systems administration and working with BASH
  • Hands on experience configuring Windows or Linux system logging
  • Basic understanding of networking including TCP/IP
  • Basic experience with network monitoring and packet analysis tools
  • Basic understanding of HTTP, SSL/TLS, SOAP, and reverse proxies
  • Basic understanding of the OWASP Top 10
  • Basic knowledge of threat vectors against the Windows or Linux platform

Top Skills

Python
The Company
2,736 Employees
On-site Workplace
Year Founded: 1999

What We Do

Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.
The Qualys Cloud Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has strategic partnerships and seamlessly integrates its vulnerability management capabilities into security offerings from cloud service providers, including Amazon Web Services, the Google Cloud Platform and Microsoft Azure, along with a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com

Similar Jobs

Hybrid
Mumbai, Maharashtra, IND
289097 Employees
Hybrid
Mumbai, Maharashtra, IND
289097 Employees
Hybrid
Mumbai, Maharashtra, IND
289097 Employees
Hybrid
Mumbai, Maharashtra, IND
289097 Employees

Similar Companies Hiring

Silverfort Thumbnail
Security • Sales • Information Technology • Cybersecurity • Automation
GB
357 Employees
Jobba Trade Technologies, Inc. Thumbnail
Software • Professional Services • Productivity • Information Technology • Cloud
Chicago, IL
45 Employees
InCommodities Thumbnail
Renewable Energy • Machine Learning • Information Technology • Energy • Automation • Analytics
Austin, TX
234 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account