- info@lkcareers.lk
- No : 07, Turnour Rd, Colombo 08.
- 070 700 1110
Key Responsibilities:
Provide operational support using SIEM (Splunk, Azure Sentinel), EDR (CrowdStrike, Defender, Carbon Black), and NSM (Fidelis, ExtraHop) solutions
Perform second-level incident validation and detailed investigations
Coordinate and communicate incidents with clients to ensure containment, eradication, and recovery
Handle SIEM support activities including ad-hoc reporting and troubleshooting
Provide near real-time monitoring, analysis, remediation, and tracking of security events
Advise customers on best practices and effective use of security solutions
Required Skills and Experience:
Minimum 3+ years of hands-on experience in SIEM/EDR/NSM solutions
Strong knowledge of Splunk, Azure Sentinel, ELK Stack
Experience with Fidelis XPS, ExtraHop
Knowledge of endpoint protection tools such as Carbon Black, Tanium, CrowdStrike, Defender
Experience in Security Monitoring and Cyber Incident Response
Knowledge of RegEx, Perl scripting, and SQL query language
Certification in any SIEM platform
Certifications such as CCSA, CEH, CISSP, GCIH, or GIAC are preferred
B.Tech / B.E. with strong technical skills
Ability to work in 24x7 shifts
Strong verbal and written communication skills
Exposure to IOT/OT monitoring tools (Claroty, Nozomi Networks) and people/project management skills will be an added advantage.
