
SIEM Architect/Engineer

Posted on Mar 7, 2020 by Randstad (Schweiz) AG

Zürich, Switzerland
IT
Immediate Start
Annual Salary
Contract/Project

We are currently supporting a leading Swiss bank in Zurich, in their search for an experienced SIEM Architect/Engineer.

Key Responsibilities:

We are looking for a Security Information and Event Management (SIEM) Architect/Engineer who will contribute to the design of the bank's SIEM platform and who will configure, develop and maintain the event flow into reports, visualizations and detection content. The role is focused on ensuring the successful elicitation and implementation of cyber-threat-detection-driven requirements. The candidate will work closely with the bank's security operations center, log management platform, managed security service providers and IT control owners.

The primary purpose of the role is to contribute positively to the bank's Cyber Services department:

  • Analyzing SIEM system requirements and advising on implementation
  • Identifying relevant data sources, designing detection patterns to identify abnormal or suspicious activity
  • Configuring and tuning alerts and visualizations based on best practices and statistical analysis
  • Creating user interfaces capable of querying data sources
  • Staying knowledgeable on the current threat landscape and potential vectors of attack

The Role Involves:

The role requires a strong IT security background that sets the foundation for close collaboration with Engineering, Operations units, peer Business Analysts and Subject Matter Experts, senior management, and audit. The role will focus on the Cyber Threat Management program. The candidate will plan and manage deliverables with project managers from ESS and provide guidance to engineers in the automation and control streams.

  • Demonstrate thorough understanding of complex information systems, cyber security concepts, cyber threats, leading SaaS solutions
  • Demonstrate understanding of statistical analysis for threat detection
  • Support and develop solutions; oversee overall delivery to meet quality and requirements of customer
  • Help design, document, and maintain system processes and threat detection capabilities
  • Own and develop relationships with stakeholders, working with them to optimize and enhance our product portfolio
  • Communicate key insights and findings to product team
  • Elicit and write requirements/specifications
  • Report on common sources of technical issues or questions
  • Constantly be on the lookout for methods to improve services and products, discover issues and deliver better value for the customer

Qualifications, must haves:

  • A minimum of 4 years of professional experience in cyber-security, information security, or IT Risk Consulting
  • Extensive experience in SIEM system implementation and optimization
  • Solid experience with log management and/or SIEM (ArcSight, Splunk, QRadar)
  • Good experience with XML
  • Firm grasp of computer networking and security concepts - must be able to explain log sources and their use in monitoring (Windows, firewall, proxy, etc.)
  • Experience in creating SIEM use-cases, investigating security events through logs, and/or correlation queries

Essential Skills and Qualifications:

The role requires providing technical leadership, mentoring on software engineering design, development, and frameworks, analysing alternatives, and presenting technical options to leads and clients.

Must Have:

  • Over 5 years of experience working with log management systems
  • Splunk admin/architect certified
  • Experience in Splunk App creation
  • Experience with Python
  • Experience on large scale Splunk environments and performance optimization
  • Strong ability to troubleshoot issues and make system changes as needed to resolve them

Desired Skills and Qualifications:

  • IT Security or Cyber Security experience
  • Understand computer networking concepts and be able to discuss the following log sources: Windows, firewall, web proxy, antivirus, DNS, Sysmon
  • Creating SIEM use-cases, log searches, correlation queries
  • Proven experience in eliciting requirements and communicating requirements
  • Understanding of Agile concepts and experience working as part of a Scrum team
  • Development and Code Management experience

Are you ready for the next challenge in your career? Then don't hesitate to send your application or contact me.

Reference: 857912300
