Job Profile Summary
The role of SIEM/MDR Platform Support Engineer (L2) is an experienced engineer that focuses on handling escalated issues and providing deeper technical expertise than L1 support. L2 engineers troubleshoot complex problems, integrate data feeds, and collaborate with development and engineering teams to resolve issues. They also play a role in training users on the SIEM platform.
They also possess technical support and trouble shooting skills along with the ability to apply technical knowledge to improve processes such as Request, Incident, Problem, Change, Event, Configuration, Asset, Service Catalogue, Knowledge, and Service Portal.
Key Responsibilities:
Escalated Ticket Handling:L2 engineers handle escalated issues from L1 support, requiring a higher level of technical knowledge and problem-solving skills.
In-depth Troubleshooting:They perform detailed investigations into technical issues, often involving analyzing logs, data, and system configurations.
Data Integration and Configuration:L2 support is involved in integrating data and event feeds with the SIEM platform, including implementing smart connectors and troubleshooting log source integration issues.
Collaboration with Engineering:They work closely with engineering and development teams to resolve complex issues and suggest process and product improvements.
On-the-Job Training:L2 engineers may also be responsible for training users on the SIEM platform and its features.
SIEM Platform Expertise:They have a deep understanding of the SIEM platform, its functionalities, and its integration with other security tools.
Security Operations Support:They may also be involved in tasks like designing correlation rules, and helping train machine learning models within the context of SIEM
Knowledge and Attributes:
SME on SIEM platforms:Understanding of the core functionality of SIEM systems, including log collection, analysis, and reporting. Associated understanding of areas like network monitoring, log formats etc.
Technical troubleshooting skills:Ability to diagnose and resolve basic technical issues related to the SIEM platform.
Customer communication skills:Ability to communicate effectively with users, explain technical issues, and provide clear guidance.
Problem-solving skills:Ability to identify problems, analyze their causes, and propose effective solutions. • Demonstrated ability to troubleshoot the difficult technical issues.
Knowledge of security concepts:Good understanding of security principles and threats, especially relevant to SIEM applications
• Proficient with analyzing log files and standard debugging concept.
Academic Qualifications and Certifications:
• Bachelor’s degree or equivalent in Information Technology or Computer Science or related field.
• Relevant Security certifications.
Required Experience:
• Medium level experience providing SOC platform technical support upto 8 yrs.