Primary Skills Cybersecurity Operations Optimization, Tuning and Alerting Job Description The Proposer will provide guidance in selecting, planning, designing, and implementation of the selected solution. Knowledge transfers and work product documentation shall be included in every work phase. This is role that will document blueprints, use cases, processes, etc. This person gets information from people on the project and just creates technical architecture and process documents. Cybersecurity Operations Optimization, Log Analysis, and SIEM Tuning Proposer will work alongside with staff to review current log sources ingested by IBM QRadar SIEM to ensure logs are optimized. Proposer will assist in enhancing the monitoring capabilities of the CSOC by reviewing new and existing technologies in LADWPs environment to ensure logging is optimal. Proposer will assist the CSOC in determining the readiness in preparation to meet additional business requirements as more business units are requesting monitoring services. Tune log sources for optimal correlation within QRadar ensuring proper offense generation with minimal false positives Conduct knowledge transfer sessions with staff on regular basis on log analysis, threat hunting and SIEM tuning. KPI Dashboards and Reporting Proposer will work with staff to develop dashboards to visualize information that will be utilized by personnel from SOC analysts to Executive Management. Assist in the enhancement of turnover log reports and SOC metric tracking following industry best practices with commonly used tools and potential integration point with the Governance, Risk and Compliance Archer tool for reporting. Conduct knowledge transfer sessions with staff on regular basis on KPI dashboards and reporting. Develop and implement playbooks and use cases for offense generation and Incident Response. Work with staff to develop playbooks for Incident Response, offense handling and escalations, and develop use cases for offense generation in QRadar based on new and existing log source Conduct knowledge transfer sessions with staff on regular basis on offense generation Incident Response and playbooks