GRIDsentry
Website:
grid-sentry.com
Job details:
About Us -
GRIDsentry is Hiring OT Cybersecurity Experts for Power Infrastructure Projects. GRIDsentry is expanding its team to support large-scale OT Cybersecurity deployments for power substations and control centres. This project involves implementing advanced cybersecurity technologies to protect critical grid infrastructure.
Job Description -
The Applications Engineer – SIEM is responsible for the deployment, configuration, integration, and operational management of the SIEM platform within the OT cybersecurity environment across substations and control centres. The role ensures centralized log collection, correlation, threat detection, and security monitoring aligned with SOC operations. The engineer plays a key role in enabling real-time visibility, incident detection, and compliance monitoring by integrating diverse OT and IT data sources into the SIEM platform and developing actionable security intelligence.
Key Responsibilities -
SIEM Deployment & Configuration
• Install, configure, and maintain the SIEM platform in line with project architecture.
• Configure system components including collectors, forwarders, storage, and processing nodes.
• Ensure high availability, scalability, and performance of the SIEM infrastructure.
Log Integration & Data Onboarding
• Integrate log sources from:
  - Substation systems and OT devices
  - Network devices (firewalls, switches, routers)
  - Servers and operating systems
  - Security tools (IDS, endpoint security, etc.)
• Normalize, parse, and validate logs for accurate ingestion and analysis.
Correlation & Use Case Development
• Develop and fine-tune correlation rules, use cases, and alerting mechanisms.
• Configure dashboards and reports for SOC operations and management visibility.
• Implement use cases aligned with OT cybersecurity threats and compliance requirements.
Monitoring & Incident Support
• Support SOC operations by monitoring alerts and assisting in incident detection and analysis.
• Investigate anomalies and escalate security incidents as per defined procedures.
• Optimize alert thresholds to reduce false positives and improve detection accuracy.
Integration & Interoperability
• Integrate SIEM with other cybersecurity systems including:
  - IDS / IPS
  - Endpoint Security (EDR, HIPS)
  - Vulnerability Management Systems
• Ensure seamless data exchange and interoperability across platforms.
Performance Optimization & Maintenance
• Monitor SIEM performance and implement tuning for efficient resource utilization.
• Perform regular maintenance, updates, and health checks.
• Ensure data retention policies and storage management are maintained.
Compliance & Reporting
• Generate reports for security monitoring, compliance, and audit requirements.
• Ensure SIEM configurations align with project and regulatory compliance standards.
• Maintain documentation related to SIEM configuration and operations.
Experience -
• 5–8 years' experience in SIEM deployment, configuration, and SOC operations.
• Experience in multi-source log integration and security monitoring environments.
• Exposure to OT/ICS environments is an added advantage.
Skills -
• SIEM platforms (e.g., Splunk, IBM QRadar, ArcSight, Elastic SIEM)
• Log parsing, normalization, and correlation
• Security event monitoring and analysis
• Use case development and alert tuning
• Basic scripting (Python, Shell) for automation (preferred)
• Understanding of network and endpoint security systems
Qualification -
• B.E / B.Tech in Cybersecurity, Information Technology, Computer Science, or related field.
Certifications (Preferred) -
• SIEM Platform Certifications (Splunk / QRadar / ArcSight)
• CompTIA Security+
• Certified SOC Analyst (CSA)
• CEH (Certified Ethical Hacker)