Cyber Security Specialist

Your Work Profile:

• Location: Gurugram, Haryana

• Manage, maintain, and enhance our Google Chronicle SIEM and SOAR platforms, ensuring effective monitoring, detection, and response to security incidents.
• The candidate will have strong experience in Google Chronicle administration, detection engineering, and SOC operations to provide continuous security improvements, automation, and technical support to the SOC team.

Key skills required

• 8+ years of experience in Security Operations, with 2+ years hands-on in Google Chronicle or Google SecOps platform.
• Chronicle Administration: Deploy, configure, and manage Google Chronicle SIEM components, including data ingestion pipelines, UDM parsers, detection rules, and retention configurations.
• Log Source Management: Integrate diverse log sources from cloud platforms (GCP, AWS, Azure), network devices, applications, and security tools (firewalls, EDR, DLP, etc.) ensuring proper ingestion and normalization.
• Detection Engineering: Develop, fine-tune, and optimize YARA-L rules and detection logic to identify malicious behaviors, mapping each to MITRE ATT&CK techniques.
• SOAR Automation: Design, implement, and maintain automated playbooks in Google SOAR (Siemplify) to streamline incident enrichment and response workflows.
• Threat Detection & Response: Collaborate with SOC analysts to investigate alerts generated by Chronicle, perform event correlation, and support incident triage and root cause analysis.
• Integration & Customization: Utilize REST APIs, BigQuery, and scripting to enhance Chronicle capabilities and integrate with complementary tools (ServiceNow, VirusTotal, CrowdStrike, Proofpoint, Zscaler, etc.).
• Performance Optimization: Monitor ingestion volumes, storage utilization, and system health to ensure optimal performance of Chronicle tenants in high-EPS environments.
• Dashboard & Reporting: Create analytical dashboards and management reports for visibility into detections, coverage, and SOC KPIs.
• Compliance & Governance: Ensure Chronicle operations and data retention align with enterprise and regulatory frameworks (ISO 27001, NIST CSF, RBI, GDPR, etc.).
• Troubleshooting & Maintenance: Diagnose and resolve Chronicle-related issues including ingestion delays, parser mismatches, and detection errors.
• Upgrades & Enhancements: Coordinate platform enhancements, API updates, and version rollouts in line with Google best practices and release cycles.
• Education: Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.