L3 SIEM (Fortinet - FortiSIEM & FortiSOAR Roles & Responsibilities IncludesThe Engineer will be the Forti SIEM & SOAR leading the technical aspects the platform activities like FORTINET/ Forti SIEM, Define Use cases, Playbooks automation, and incident response. Deploy and configure FortiSIEM and SOAR solutions. Integrate SIEM/SOAR with security tools (firewalls, EDR, threat intelligence feeds, ticketing systems). SIEM Integration / Device on-boarding /Log source integration / Reporting and visualization Content or rules development, New Use case creation and Use Case Fine tuning SOC process & procedures and Incident Response Run book / Play book creation Incident Response, Cyber threat analysis support, research and recommend appropriate remediation and mitigation Trending and correlation of monitored events to build new Indicators of Compromise (IOC), attack attribution and helping establish countermeasures increasing cyber resiliency identification of advanced cyber threat activities, Endpoint Detection & Response, intrusion detection, incident response, malware analysis, and security content development (e.g., signatures, rules etc.); and cyber threat intelligenceSkills & ExperienceStrong hands-on experience inFortiSIEMarchitecture, deployment, integration, and administration. Proficiency in SOAR platforms (FortiSOAR or similar). Hands on knowledge of Intrusion detection systems (IDS/IPS), Firewall, Cloud Security (preferably AWS, Azure) Good knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suites. Proficient in one more of the following computer languages PowerShell, Bash, Python, Java, C/C++ to support cyber threat detection or reporting. Deep understanding of the Lockheed Cyber Kill Chain and Mitre Att&CK framework Strong written and oral communication skills Education Bachelor's degree in Science or Engineering or Information Technology, related field, Minimum 7+ years’ experience in NextGen SIEM and 2 years in FORTISIEM & SOAR Cybersecurity, SOC Operations or Incident Response Should have one of the following certifications CISSP, CISA, OSCP, SANS, SIEM, CEH, CCNA Security etc Required Skills & Experience: Strong hands-on experience withFortiSIEMfor monitoring, alerting, and incident management Proficiency inSOAR platformsfor automation and orchestration of security workflows Ability to integrate and customize playbooks for incident response
Job Title
FORTISIEM support