SECURITY SPECIALIST – FORTISIEM
SpryIQ Technologies Pvt. Ltd. is seeking a highly motivated and analytical SECURITY SPECIALIST – FORTISIEM to join our growing security team. In this role, you will be responsible for setting up, managing, monitoring and analysing security events, investigating potential threats, and responding to security incidents. You will play a critical role in safeguarding our customers IT infrastructure and data from cyberattacks.
What we are looking for
- Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).
- 1-5 years of hands-on experience working with SIEM platforms like Splunk, FortiSIEM, IBM QRadar, ArcSight, or LogRhythm.
- Knowledge of SIEM architecture, log aggregation, and correlation rules.
- Ability to troubleshoot and resolve issues related to SIEM platform performance, log collection, and data integration. (Dashboards)
- Understanding of security compliance standards (e.g., GDPR, HIPAA, PCI DSS) and how SIEM can be used to meet regulatory requirements.
- Certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), SIEM certifications (e.g., Splunk Certified User, Fortinet NSE).
- Proficient in incident response processes – detection, triage, incident analysis, remediation and reporting.
- Ability to tune and optimize SIEM rules to reduce false positives and ensure the relevance of alerts.
- Ability to ingest and normalize logs from various sources (servers, applications, network devices) into the SIEM system.
- Basic understanding of cybersecurity principles, including network security, firewalls, and intrusion detection/prevention systems (IDS/IPS).
- Familiarity with common attack techniques (e.g., phishing, malware, DDoS) and incident response processes.
- Experience in monitoring security events, alerts, and analyzing logs for potential threats.
- Ability to identify, investigate, and escalate security incidents based on event data from various sources (firewalls, IDS/IPS, antivirus, etc.).
- Skill in developing and maintaining correlation rules, dashboards, and alerts within SIEM platforms.
- Experience with log parsing, searching, and filtering to extract relevant security information.
- Experience working in or supporting a Security Operations Center (SOC) environment, aiding in threat detection and response.
- Perform regular updates, patches, and system health checks.
- Understanding incident prioritization and handling.
- Conduct deep-dive investigations and forensic analysis on security incidents.
- Understanding of security compliance standards (e.g., GDPR, HIPAA, PCI DSS) and how SIEM can be used to meet regulatory requirements.
- Certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), SIEM certifications (e.g., Splunk Certified User, Fortinet NSE).
- Excellent analytical and problem-solving skills.
- Collaborate with other IT and security teams to enhance incident response capabilities.
- Ability to work independently and as part of a team in a fast-paced environment.
- Excellent time management and prioritization skills.
- Lead and coordinate response efforts during security incidents.
- Perform root cause analysis and develop remediation plans.
- Document incidents, findings, and actions taken in detailed reports.
- Continuously monitor network traffic, logs, and security events for suspicious activities.