- Building playbook to automate investigation and enrichment procedure.- Creating, maintaining and tuning parsers. - Maintaining, monitoring and troubleshooting pipeline services. - Collaborating with SOC team and developed new use cases or find opportunities to fine tune use cases.- Provide support for all SOC related pre-sales activities including solution architecting and participating in customer presentations.

Duty and Responsibilities - Responsible for setting up and configuring various SIEM systems in the lab environment, including Logpoint, Wazuh, and Logrhythm.- Responsible for creating custom rules within the SIEM systems to detect emerging threats. This includes analyzing log data, understanding the threat landscape, and creating rules that can identify potential security incidents.- Responsible for developing custom parsers to extract relevant information from different log sources such as FortiGate, Email-Security, Palo-Alto, and others.- Responsible for researching and identifying ways to optimize the performance of the SIEM systems.- Responsible for reviewing and fine-tuning existing rules as per the requirements. This includes analyzing the effectiveness of existing rules, identifying gaps, and making necessary changes to improve the overall efficacy.

Duty and Responsibilities - Participating in discussions with the SOC analyst team and SOC engineering team to ensure a shared understanding of the security aspects of both roles and to identify limitations and feasibility of objectives to enhance collaboration and ensure a clear understanding of each other's capabilities and limitations.- Actively participate in discussions with the SOC engineering team to ensure effective maintenance and optimization of SIEM.- Actively research on emerging threats and collaborating with both SOC Engineer and Analyst teams to identify potential vulnerabilities and implement appropriate measures to prevent and mitigate the impact of such attacks.