Ensign InfoSecurity

SIEM Engineer

Job Description

This role will primarily set up, maintain, and enhance various SIEMs.

  • Configure and administer the SIEM to support the needs of the SOC.
  • Responsible for maintaining the health of the SIEM tool and ensuring agreed uptime of the respective platform.
  • Perform regular patching and version upgrades on the SIEM platform.
  • Configure the respective parsers and forwarders (engaging principal vendors if needed) to integrate various log sources with the SIEM platform for log monitoring.
  • Research, build, and maintain detection capabilities for the latest threats across SIEM, log analytic, and security tool platforms.
  • Ensure real-time data and configuration replication between the Primary and DR sites.
  • Integrate data feeds (logs) into SIEM/Splunk from on-premises and cloud deployed devices and applications.
  • Explore leading cybersecurity products. Work with third-party security consultants and service providers to ensure all security aspects are covered. Operate security solutions such as SIEM, PAM, EDR, IDS/IPS and Web Application Firewall while ensuring compliance with regulatory standards and procedures.
  • Security automation: automate processes using well-known scripting languages such as PowerShell, Python and Bash, and build out SOAR (for example, AWS Lambda integrations with CloudFront, WAF and ALB to automate routine work).
  • Continuous monitoring: manage AWS GuardDuty, intrusion detection, user behaviour analytics and other security monitoring.
  • Support the SOC Analysts in the use of the toolset and with investigations to establish the facts surrounding potential suspicious activities and to understand the impact and possible risks associated.
  • Creation, amendment, tuning and supporting the engineering of advanced or complex protective monitoring use cases.
  • Provide security consultancy to other internal teams for matters relating to the SIEM.
  • Troubleshoot complex issues that may occur within the SIEM and resolve them with the help of vendor support.
  • Advise clients of security standards, best practice and solutions relating to SIEM and SOC solutions.

Requirements

  • Advanced knowledge and experience of Cyber Security and evidence of working as a SIEM Engineer with previous experience of the software, including architectural design, configuring, operating and problem-solving activities.
  • A good understanding of implementing use cases, operational models or specific security solutions to meet the customer's requirements, and understand how SIEM solution
  • Hands-on experience in two or more of the key security domains, such as: security operations (SIEM, EDR, vulnerability management), cloud security, data security, identity and access management, and secure software development lifecycle.
  • Knowledge of networking and AWS/Azure Cloud Security practices and tools.
  • SIEM-related certifications in administration, implementation, deployment or architecture.

More Info

Industry: Other

Function: Cyber Security

Job Type: Permanent Job

Date Posted: 12/11/2024

Job ID: 100126463

Last Updated: 17-11-2024 08:19:15 PM