Posted on Mar 7, 2020 by Harvey Nash IT Recruitment Switzerland
For our client, a Swiss Bank, we are looking for a SIEM Architect/Engineer for a 6 months contract (extension planned) in Zurich, Switzerland.
- Sector: Banking
- Location: Zurich, Switzerland
- Duration: 6 months with extension planned
We are looking for a Security Information and Event Management (SIEM) Architect/Engineer who will contribute to the design of the bank's SIEM platform and who will configure, develop and maintain the event flow into reports, visualizations and detection content. The role is focused on ensuring the successful elicitation and implementation of cyber threat detection-driven requirements. The candidate will work closely with the bank's security operations center, log management platform, managed security service providers and IT control owners.
The primary purpose of the role is to contribute positively to the bank's Cyber Services department:
- Analyzing SIEM system requirements and advising on implementation
- Identifying relevant data sources and designing detection patterns to identify abnormal or suspicious activity
- Configuring and tuning alerts and visualizations based on best practices and statistical analysis
- Creating user interfaces capable of querying data sources
- Staying knowledgeable on the current threat landscape and potential vectors of attack
The Role Involves:
The role will require a strong IT security background that sets the foundation for close collaboration with Engineering, Operations units, peer Business Analysts and Subject Matter Experts, senior management, and audit. The role will focus on the Cyber Threat Management program. The candidate will manage and plan deliverables with project managers from ESS and provide guidance to engineers in the automation and control streams.
- Demonstrate thorough understanding of complex information systems, cyber security concepts, cyber threats, leading SaaS solutions
- Demonstrate understanding of statistical analysis for threat detection
- Support and develop solutions; oversee overall delivery to meet the customer's quality and requirements
- Help design, document, and maintain system processes and threat detection capabilities
- Own and develop relationship with stakeholders, working with them to optimize and enhance our product portfolio
- Communicate key insights and findings to product team
- Elicit and write requirements/specifications
- Report on common sources of technical issues or questions
- Constantly be on the lookout for methods to improve services and products, discover issues and deliver better value for the customer
- This role requires creativity, strong presentation and analysis skills, thought leadership and the ability to interact with stakeholders at different levels of the engineering and security enterprise.
- A minimum of 3-5 years of professional experience in cyber-security, information security, or IT Risk Consulting
- Experience in SIEM system implementation and optimization
- Experience with log management and/or SIEM (ArcSight, Splunk, QRadar)
- Experience with XML
- Firm grasp of computer networking and security concepts; must be able to explain log sources and their use in monitoring (Windows, firewall, proxy, etc.)
- Experience in creating SIEM use-cases, investigating security events through logs, and/or correlation queries
Nice to haves:
- ETL and streaming data experience (e.g. Kafka, syslog-ng)
- SOC or CSIRT experience
- A degree in IT/Computer Science
- Statistics background
- Proven experience in eliciting requirements and communicating said requirements
- Understanding of Agile concepts
- Relevant security and industry certifications
Please apply online or contact Nadja directly.