Cybersec Infrastructure Operations & DevOps L3

Cybersec Infrastructure Operations & DevOps: L3 Domain Expert & SME

Experience

10+ years of experience in managing and developing security monitoring platforms.

Availability 8x5 Onsite (Business Days) with On-Call service outside business hours.

Core Mandate

Platform stability, content development, automation/orchestration, and custom dashboard maintenance.

Key Responsibilities:

• Manage the Customer's entire Security Monitoring Systems, including SIEM, EDR, SOAR, TIP, NDR, Loggers, and Parsers.
• Perform maintenance and enhancement of use-cases and correlation rules to ensure accurate and relevant event/incident generation.
• Expand SIEM, SOAR, and TIP capabilities by developing new required "Adaptors" for system integration and customization of Parsers.
• Automate and orchestrate response, triage, analysis, and containment tasks by developing, enhancing, and executing customized SOAR playbooks.
• Maintain and further develop the currently developed Dashboards using .net framework (C#), and integrate data sources to visualize key performance indicators (KPIs) for various management areas (Incident, Fraud, VM, Risk, etc.).
• Perform patching of all security systems used by monitoring and DFIR teams, ensuring minimal availability impact.
• Follow up on Vendor & License Management and Contract Renewal closure.
• Define, develop, and manage backup and Disaster Recovery Policies for security devices.

Required Skills:

• Expertise in SIEM/SOAR architecture, deployment, and content development.
• Advanced skills in C# and .NET framework for custom dashboard development/maintenance.
• Proficiency in scripting (Python, PowerShell) for automation and integration development (Adaptors/Parsers).

Job Type: Full-time