Results-driven Senior SIEM Engineer Consultant with 10 years of experience in designing, implementing, and managing Security Information and Event Management (SIEM) solutions across diverse industries. Expertise in threat detection, incident response, security monitoring, and compliance. Proven track record in optimizing security infrastructure, integrating advanced threat intelligence, and delivering customized security solutions to enhance organizational security posture.
• Familiar with the implementation and deployment of a UEBA and next-gen SIEM tool (Securonix SNYPR).
• Good experience in content development, regex, and event parsing.
• Knowledge of device integrations and experience onboarding data sources.
• Developed 700+ custom parsers as part of a team for unsupported devices/applications using different parsing techniques.
• Familiar with different integration types such as Syslog, Database, Splunk Pull, and API.
• Knowledge of webhook services and cloud collector services.
• Hands-on experience integrating cloud-based data sources such as AWS, O365, Azure, Okta, CrowdStrike, and GCP.
• Knowledge of syslog filter creation and installation of the NXLog server.
• Hands-on experience with syslog forwarding to the cloud using SSL certificates.
• Involved in data onboarding for global customers.
• Device integration and onboarding of data sources using various techniques.
• Good understanding of the SNYPR architecture, including Hadoop as the back end.
• Expertise in deploying and configuring SNYPR and SnyprEye (monitoring tool).
• Good understanding of log collection/forwarding concepts such as RIN integration with SNYPR or connector configurations, and knowledge of MySQL databases.
• Expertise in developing and fine-tuning rule-based and user-behavior-based use cases.
• Good knowledge of Hadoop (Cloudera) components such as Kafka brokers/topics, Solr, and HBase.
• Familiar with content validation and use case validation.
• Working on creating threat models and developing use cases that trigger at one of the stages identified by kill chain analysis.