SIEM Engineering Lead – Google Chronicle

The Role

As a SIEM Engineering Lead – Google Chronicle, your principal goal will be to manage the complexities of large-scale projects on behalf of the client, to ensure that business benefits are understood by the client, and that TCS optimises engagement performance. You will work closely with the client IT organisation and client Process Owners to ensure system and process integrity of the template and to drive adherence to the template – ensuring that only critical localisation requirements are approved.

Your Profile

Proficiency in data on-boarding activities including routing, parsing, and normalizing events for Google Chronicle SIEM.
Experience onboarding data into Google Chronicle via APIs, scripted inputs, TCP/UDP, and modular inputs from a variety of sources.
Proficiency in managing Google Chronicle using configuration files.
General networking and security troubleshooting skills (firewalls, routing, NAT, etc.).
Experience developing log ingestion and aggregation strategies per Google Chronicle best practices.
Proficiency in regular expressions and parsing of the data for any custom log sources.
Experience ingesting and processing intelligence that aligns with MITRE ATT&CK Framework including TTPs that align with MITRE ATT&CK framework.
Experience in field of SIEM engineering.
Team handling and escalation management experience.
Expertise in Cyber Security Incident Response processes.
Proficiency in and hands-on experience with UNIX and Windows Operating System.
Be comfortable with security threat across a variety of security control and writing custom SIEM (Google Chronicle) queries for their detection.
Excellent written and oral skills, ability to work closely with customers, manage expectations and track engagement scope.