Cyber Security Engineer
Posted on Apr 2, 2021 by Harvey Nash IT Recruitment Switzerland
For our client, a Swiss bank, we are looking for a Cyber Security Engineer for a 12-month project in Zurich.
Starting date: 01/07/2021
Overview of business area or project:
This role will be part of the Security Critical Data Engineering team (SCDE), one of the core service lines of Cyber Security Analytics.
The mission of the team includes:
- On-boarding new Security Critical Data
- Providing high reliability of the service
- Controlling access to Security Critical Data
- Monitoring of Security Critical Data health
- Monitor, maintain and improve Splunk environment reliability and quality of service.
- Build and test solutions in a pre-production environment.
- Document test results, designs, and operational manuals for the solutions.
- Provide support of Production operations.
- Occasional on-duty or after business hours work in case of incident support.
- Perform code upgrades without supervision.
- Identify and document best practices within their subject matter areas of expertise.
- Provide continuous process improvement suggestions.
- Maintain and document Standard Operating Procedures.
- Create and maintain educational content as an integral part of the engineering and user experience.
Overview of the department/team (team size, backgrounds, personalities):
Cyber Security Analytics is a fast-growing team of about 20 people in 3 different regions: Switzerland, US, EMEA (Poland)
The Team is responsible for designing, engineering and implementing systems to rapidly process large volumes of data from many disparate sources, providing enhanced knowledge to the bank's security teams and risk functions. This is a global team and Cyber Security Engineers collaborate with teams in all regions and across multiple time zones within the company.
Challenges Contractor will be facing in this role:
The candidate will work with Cyber Security Analytics teams and will be mainly responsible for solving highly technical problems, which may require assessing source code to analyze and resolve issues. This requires advanced troubleshooting skills, and the candidate must be able to adapt and create non-standard approaches to problem solving.
Essential Skills and Qualifications:
- 3-5 years of professional experience in big data platforms (including Splunk), SIEM, log management
- Creating SIEM use-cases, log searches, correlation queries
- Hands-on experience administrating and troubleshooting Splunk distributed environments/clusters is a must
- Proficient in analysing and interpreting log sources (Web proxies, Firewalls, Windows, Linux, Sysmon, EDR)
- Comfortable with Linux administration, Bash scripts, packaging (RPM), troubleshooting
- Experience with at least one programming language (Python or Java preferred)
Desired Skills and Qualifications:
- Experience with Splunk Enterprise Security (Admin)
- Proficient in writing and using REST and SOAP APIs
- Experience working in a DevOps/SRE team, applying Agile methodology
- Experience with assessing incident criticality and escalation processes
- Experience with writing technical documentation for internal audiences.