CSOC Engineer

Qatar
  • Integration of standard and custom (UDLA) Log sources with LogRhythm SIEM.
  • Manage, develop and tune the scripts that integrate SIEM
  • Create technical documentation around the content deployed to the SIEM
  • Monitor the impact of deploying new content to the health and performance of the SIEM
  • Lead logging enrollments from multi-tier applications into the enterprise logging platforms
  • Develop the specific content needed to implement security use cases and transform them into correlation queries, templates, reports, rules, alerts, dashboards, and workflows
  • Develop advanced scripts for manipulating multiple data repositories to support analyst requirements
  • Develop advanced reports to meet the requirements of key stakeholders
  • Develop scalable security management tools and processes
  • Develop advanced SIEM correlation rules, reports and dashboards to detect emerging threats
  • Engineer, configure and deploy enterprise SIEM/SEM solutions
  • Develop automation for security tools management
  • Collaborate with key stakeholders and Cyber Security to develop specific use cases to address specific business needs
  • Collaborate with application owners to define and establish logging standards to address various governance requirements.

Skills

  • Onboard log sources into SIEM
  • Maintaining SIEM platform stability and health
  • Monitoring system capacity to ensure that the platform does not encounter resource issues
  • Diagnosing and resolving incidents related to the platform
  • Resolving any platform issues that may occur within SLA and ensuring that service impact is minimal
Post date: Today
Publisher: Bayt