Job Description
<p data-end="296" data-start="263"><b>Project Location:</b> Pan India</p> <p data-end="409" data-start="367"><b>Domain:</b> Consumer, Retail & Logistics</p> <p data-end="450" data-start="411"><b>Work Mode:</b> WFO (Work From Office)</p> <p data-end="486" data-start="452"><b>Interview Mode:</b> Face to Face</p> <p data-end="549" data-start="488"><b>Shift Timings:</b> 6:00 AM to 9:00 PM (Coverage-based shift)</p> <b>Job Description:</b> <p data-end="1037" data-start="695">We are looking for an experienced <b>Google SecOps (Chronicle) SIEM & SOAR Specialist</b> with strong technical expertise in platform troubleshooting and a passion for <b>knowledge sharing and training</b>. The role involves deep hands-on support, creation of training content, and enablement of L1/L2/L3 teams through structured learning programs.</p> <b>Key Responsibilities:</b> <ul data-end="2261" data-start="1075"> <li data-end="1175" data-start="1075"> <p data-end="1175" data-start="1077">Provide advanced troubleshooting support for <b>Google SecOps (Chronicle) SIEM & SOAR</b> platform.</p> </li> <li data-end="1287" data-start="1176"> <p data-end="1287" data-start="1178">Manage and troubleshoot <b>log ingestion pipelines</b> including Forwarders, Bindplane, APIs, and Cloud Feeds.</p> </li> <li data-end="1379" data-start="1288"> <p data-end="1379" data-start="1290">Work extensively with <b>parsers</b> (Default, Custom, Gold, Logstash, Parser Extensions).</p> </li> <li data-end="1476" data-start="1380"> <p data-end="1476" data-start="1382">Design and optimize <b>UDM mappings, enrichments, detection rules (YARA-L)</b>, and dashboards.</p> </li> <li data-end="1578" data-start="1477"> <p data-end="1578" data-start="1479">Configure and support <b>SOAR connectors, playbooks, and integrations</b> across multiple platforms.</p> </li> <li data-end="1685" data-start="1579"> <p data-end="1685" data-start="1581">Analyze logs in multiple formats (<b>JSON, XML, CSV</b>, etc.)
and resolve parsing and enrichment issues.</p> </li> <li data-end="1775" data-start="1686"> <p data-end="1775" data-start="1688">Perform <b>Python-based troubleshooting</b> for log ingestion and transformation issues.</p> </li> <li data-end="1878" data-start="1776"> <p data-end="1878" data-start="1778">Write and execute <b>SQL queries</b> (SELECT, JOIN, GROUP BY, etc.) for data validation and analysis.</p> </li> <li data-end="1981" data-start="1879"> <p data-end="1981" data-start="1881">Review, create, and maintain <b>Knowledge Articles (KAs)</b> for technical and operational scenarios.</p> </li> <li data-end="2055" data-start="1982"> <p data-end="2055" data-start="1984">Train and mentor team members to bridge <b>technical knowledge gaps</b>.</p> </li> <li data-end="2261" data-start="2056"> <p data-end="2155" data-start="2058">Design and deliver <b>structured learning paths</b> for L1 / L2 / L3 support readiness, including:</p> <ul data-end="2261" data-start="2158"> <li data-end="2198" data-start="2158"> <p data-end="2198" data-start="2160">Real-world troubleshooting scenarios</p> </li> <li data-end="2227" data-start="2201"> <p data-end="2227" data-start="2203">Hands-on lab exercises</p> </li> <li data-end="2261" data-start="2230"> <p data-end="2261" data-start="2232">Assessments and evaluations</p> </li> </ul> </li> </ul> <b>Mandatory Skills:</b> <ul data-end="2562" data-start="2295"> <li data-end="2373" data-start="2295"> <p data-end="2373" data-start="2297">Strong hands-on experience with <b>Google SecOps (Chronicle) SIEM & SOAR</b>.</p> </li> <li data-end="2442" data-start="2374"> <p data-end="2442" data-start="2376"><b>Chronicle Product Engineering Support & Training experience</b>.</p> </li> <li data-end="2562" data-start="2443"> <p data-end="2562" data-start="2445">Expertise in <b>log ingestion, parsing, UDM, enrichment, detection rules (YARA-L), dashboards, and SOAR playbooks</b>.</p> </li> </ul> <b>Desired / Good-to-Have Skills:</b> <ul data-end="2844" 
data-start="2609"> <li data-end="2702" data-start="2609"> <p data-end="2702" data-start="2611">Experience managing or delivering <b>training programs</b> for Chronicle / SecOps platforms.</p> </li> <li data-end="2777" data-start="2703"> <p data-end="2777" data-start="2705">Strong <b>documentation, presentation, and knowledge transfer</b> skills.</p> </li> <li data-end="2844" data-start="2778"> <p data-end="2844" data-start="2780">Experience working in large-scale enterprise SOC environments.</p> </li> </ul> <b>Technical Skills Summary (Keywords):</b> <p data-end="3085" data-start="2897">Google SecOps (Chronicle), SIEM, SOAR, Log Ingestion, Parsers, UDM, Enrichment, YARA-L Detection Rules, Dashboards, SOAR Playbooks, Connectors, Python, SQL, Log Analysis & Troubleshooting.</p> <b>Candidate Profile:</b> <ul data-end="3325" data-start="3120"> <li data-end="3194" data-start="3120"> <p data-end="3194" data-start="3122">Excellent <b>verbal, written, communication, and presentation skills</b>.</p> </li> <li data-end="3263" data-start="3195"> <p data-end="3263" data-start="3197">Strong ability to <b>teach, mentor, and enable</b> technical teams.</p> </li> <li data-end="3325" data-start="3264"> <p data-end="3325" data-start="3266">Analytical mindset with hands-on troubleshooting expertise.</p> </li> </ul>