Ampcus Cyber- MDR Resident Engineer

Job Title: MDR Resident Engineer

Company name: Ampcus Cyber
Experience: 3+ Years
Location: Bangalore

Job Summary

We are looking for a MDR Resident Engineer with 3 years+ of hands-on experience in managing, maintaining, and optimizing SIEM platforms. The role involves installing, log onboarding, and ensuring SIEM and SOAR platform stability and performance.

Key Responsibilities

SIEM Administration & Automation

• Administer and maintain SIEM platforms such as IBM QRadar / Splunk
• Onboard and normalize logs from security devices, servers, applications, cloud platforms, firewalls and databases
• Monitor SIEM/SOAR health, EPS/FPS, storage utilization, and license consumption
• Perform SIEM upgrades, patching, backup, and restoration activities

• Troubleshoot log collection issues involving network connectivity, certificates, agents, syslog, EPS limits, parsers, and time synchronization
• Coordinate with network, system, and application teams to restore log flow within defined SLAs
• Maintain documentation for log sources, baseline, use cases, and SOPs

• Integrate SIEM with SOAR, ticketing systems, and threat intelligence feeds
• Support log forwarding using Syslog, APIs, agents, and collectors

Technical Skills Required

SIEM Platforms

• Hands-on experience with any one or more SIEM tools
  • IBM QRadar
  • Splunk Enterprise Security

Security & Infrastructure

• Strong understanding of:
  • Network security (Firewall, IDS/IPS, VPN)
  • Windows & Linux logs

Good to have

• Syslog, REST APIs, HTTPS
• Regex, log parsing, filtering
• Basic scripting: Python / Bash / PowerShell

Soft Skills

• Good analytical and troubleshooting skills
• Ability to work in a 24x7 SOC environment
• Strong communication and documentation skills
• Team player with a proactive approach to problem-solving

Preferred Certifications (Good to Have)

• QRadar Admin
• Splunk Admin
• CEH / Security+