T&T-Cyber-D&R-SIEM, LogRhythm Engineering-Deputy Manager-Gurgaon
- Job requisition ID : 99123
- Location: Delhi
- Entity: Deloitte Touche Tohmatsu India LLP
The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.
Your Work Profile
- LogRhythm Administration: Install, configure, and manage LogRhythm components, including log sources, custom parsers, and correlation rules.
- Log Source Management: Onboard and manage log sources from network devices, servers, applications, and security tools to ensure accurate log ingestion and parsing.
- Use Case & Rule Development: Develop and fine-tune correlation rules, alarms, and custom use cases to detect malicious or anomalous activity.
- Threat Detection & Monitoring: Monitor, analyze, and respond to security events and incidents identified by LogRhythm.
- Performance Tuning: Optimize LogRhythm performance, including log throughput, storage, and tuning for high-EPS environments.
- Integration & Automation: Extend LogRhythm capabilities through API integrations and automation with other tools (e.g., firewalls, EDR, DLP).
- Incident Response Support: Assist the SOC team with investigations and root cause analysis using LogRhythm data and tools.
- Dashboards & Reporting: Create and maintain dashboards and reports for operational, compliance, and executive audiences.
- Compliance & Audit Support: Ensure alignment with regulatory standards (e.g., GDPR, HIPAA, PCI-DSS) in SIEM operations.
- Troubleshooting & Maintenance: Resolve issues related to log ingestion, parser errors, system performance, and general administration.
- System Upgrades & Patching: Plan and execute upgrades, patching, and system maintenance activities to ensure reliability and security.
Key Skills Required
- Bachelor’s degree in Computer Science, Cybersecurity, or a related field — or equivalent hands-on experience.
- 5+ years of hands-on experience with LogRhythm SIEM, including installation, configuration, and rule tuning.
- Strong understanding of SIEM operations, event correlation, log management, and security monitoring.
- Experience working in a Security Operations Center (SOC), with knowledge of threat detection and incident response.
- Proficiency with scripting and automation (e.g., Python, Bash, PowerShell) is a plus.
- Familiarity with security technologies such as firewalls, IDS/IPS, EDR, DLP, etc.
- Knowledge of security frameworks and standards such as MITRE ATT&CK, NIST, ISO 27001, etc.
- LogRhythm SIEM certification.
- Base location: Gurgaon/Hyderabad
- Professionals are required to work from the office.
- CISSP, CEH, CISM, or another relevant security certification.