Track Lead - Security Investigations, SIEM - HCLTech

Key Responsibilities

• Lead the migration of log and threat detection capabilities from Splunk to CrowdStrike Next‑Gen SIEM, ensuring minimal disruption and optimal configuration.
• Oversee day‑to‑day security event investigations, triaging alerts, and coordinating incident response activities.
• Design and implement SIEM rules, dashboards, and automated playbooks to improve detection coverage and reduce mean time to resolution.
• Collaborate with cross‑functional teams to integrate SIEM outputs with broader security tooling and reporting frameworks.
• Provide mentorship and guidance to junior analysts, fostering a culture of continuous improvement and knowledge sharing.

Requirements

• 5+ years of experience in SIEM engineering, with hands‑on expertise in Splunk and CrowdStrike platforms.
• Strong background in log management, threat hunting, and incident response processes.
• Proficiency in scripting (Python, PowerShell) for automation and data enrichment.
• Excellent analytical, communication, and stakeholder management skills.
• Relevant certifications such as Splunk Certified Engineer or CrowdStrike Certified Specialist are a plus.