Job Title: SIEM/SOAR/TIP Admin
Job Code: GPA_SOC-0005
Function: Administration & Engineering
Reporting to: CSC Lead
Coverage: 8x5 and on-call
Description:
The Administration function is responsible for leading the staging, implementation, deployment,
management and tuning of the SIEM, SOAR and TIP platforms, as well as the integration of log
sources and contextual enrichment data, in coordination with CSC teams.
Responsibilities:
• Integrate new security solutions/devices into the CSC environment. This includes creation of
custom parsers for log sources.
• Configuration, management, performance & capacity monitoring and tuning of TIP, SIEM and
SOAR platforms
• Creation, deployment and tuning of SIEM use cases and rules
• Creation, deployment and tuning of SOAR integrations and playbooks
• Manage SIEM log source onboarding, deployment, configuration & troubleshooting
• Verify data collection and log continuity and act to solve any log continuity problem
• Manage user access, including user and group permission updates, for TIP, SIEM and SOAR
platforms
• Provide problem determination / problem source identification for the CSC platforms
• Patching, upgrading, and full system maintenance lifecycle
• Open support tickets to CSC technology vendors when required and ensure support issues are
resolved