Our client is in need of a number of EPT and SIEM Engineers to roll out SOC services to 112 Business Units, specifically their Endpoint Protection tool and SIEM tools. All relevant packages and processes are already in place; these Engineers will be required to work independently to install and deploy the SOC services, ensure they pass into the production environment and provide troubleshooting where necessary. Each Engineer will be responsible for 5 business units.
Latest: 3rd May
LOA: 3 months
Location: 100% remote
SOC - SIEM Engineer
Minimum of 3-5 years of professional consulting or enterprise experience as:
* SIEM Engineer;
* Cyber-security Analyst.
The Security Information and Event Management (SIEM) Senior Engineer is in charge of the configuration, deployment and management of the client SIEM solution. He/she is the responsible application owner for the SIEM solution and collaborates with IT Infrastructure on configuration changes and tool management. The Engineer will work closely with other teams to ensure that the SIEM is performing to standard with all necessary logging sources.
* Experience with end-to-end deployment of a SIEM solution to a greenfield environment;
* Experience with cyber intelligence / SIEM platforms (preferably QRadar but also alternatively Darktrace, ArcSight, Splunk or similar);
* Good experience in debugging security operations center system, application, and network problems;
* Ability to document processes and procedures;
* Solid working knowledge of networking technology and firewalls, proxies, the OSI Model, protocols and standards.
The main responsibilities of the SIEM Engineer:
* Support the rollout of the client SIEM solution to enable real-time security monitoring;
* Act as the subject matter expert for the client SIEM solution;
* Work with other IT teams to continuously integrate various logging sources with the SIEM;
* Maintain SIEM solution and document the environment;
* Develop and upgrade dashboards, channels, filters, rule engine set-up, reports and integrate correlations to the information security incident process;
* Monitor and recommend improvements based on events or incidents of apparent security breaches detected by the SIEM in areas including networks, applications, databases, systems, and endpoints;
* Analyse, troubleshoot, and remediate issues with the SIEM solution.