Job Title: XSOAR Consultant
Location: Remote
Company Overview:
Pulivarthi Group is a premier global provider of staffing and IT technology solutions, renowned for delivering exceptional services tailored to each client's unique needs. With a steadfast commitment to excellence, we merge expertise with innovation, ensuring cost-effective solutions of the highest quality. Our diverse client base spans healthcare, finance, government, and beyond, reflecting our adaptability and proficiency across industries. Operating in the United States, Canada, and Mexico, we pride ourselves on aligning with clients' cultures, deploying top-tier talent, and utilizing cutting-edge technologies. Pulivarthi Group stands as a beacon of reliability, efficiency, and innovation in the realm of staffing solutions.
Job Description:
We are seeking an experienced XSOAR Consultant to join our team. In this role, you will collaborate with the technical lead to develop and optimize log ingestion strategies, enhance detection capabilities, and serve as a Subject Matter Expert (SME) in SIEM, correlation, and log source ingestion. The ideal candidate will have a strong background in deploying and integrating SIEM solutions in enterprise-level environments, coupled with expertise in creating correlation and detection rules.
Responsibilities:
Log Ingestion Strategy:
Collaborate with the technical lead to develop a comprehensive log ingestion strategy.
Document a detailed, step-by-step process for ingesting high-quality log sources.
Monitor and optimize log sources to ensure maximum efficiency.
Detection Strategy:
Contribute to the detection strategy using industry best practices.
Create and fine-tune high-quality correlation rules to enhance threat detection.
Tune log sources and correlation rules for optimal performance.
Subject Matter Expertise:
Serve as an SME for SIEM, correlation, and log source ingestion.
Identify opportunities for automation to improve analyst alert handling.
Collaboration and Documentation:
Work closely with internal and external teams to ensure successful product adoption.
Create comprehensive technical documentation detailing SIEM aspects of the engagement.
Qualifications:
6+ years of experience in deploying and integrating SIEM solutions in enterprise to large enterprise-level environments.
Experience with Security Operation Centers (SOC) tooling and processes.
Expertise in event collection, log management, event management, compliance automation, and identity monitoring using SIEM platforms.
Proven ability to create and develop correlation and detection rules within a SIEM to support alerting capabilities.
Experience with a variety of SIEM technologies, such as Splunk, IBM QRadar, etc.
Ability to suggest detection strategies based on customer requirements.
Strong skills in Regular Expressions.
Ability to understand logs and locate/understand third-party documentation when necessary.
Familiarity with reports on the status of the SIEM, including metrics such as the number of logging sources, log collection rate, and other performance metrics.
Knowledge of Security Analysis & Response, including endpoint, network, and cloud-based environments, is a plus.
Relevant bachelor's degree or industry-recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification, etc.).
Equal Opportunity Statement:
Pulivarthi Group is proud to be an equal opportunity employer. We are committed to building a diverse and inclusive culture and celebrate authenticity. We do not discriminate based on race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, disability, protected veteran status, or any other legally protected characteristics.