This Job Vacancy has Expired!

SIEM Engineer Expert (QRadar - Splunk - CISSP - CEH)

Posted on Jun 27, 2021 by Base 3

Brussel, Belgium
IT
Immediate Start
Annual Salary
Contract/Project


This role is inside IR35 for UK applicants.

Role

You join SOC as an Expert in SIEM (Security Information and Event Management) engineering.

The SOC monitors and analyses activity on networks, Servers, endpoints, databases, applications, websites, and other systems, looking for anomalous activity that could be indicative of a security incident or compromise.

Your primary duties will be:

  • Keep abreast of evolving cyber threats and identifying new and sophisticated methods of detecting them.
  • Interact with customers to gather requirements and ensure the implementation of cyber security solutions.
  • Responsible for the creation of procedures, runbooks, high-level/low-level documentation, implementation of processes and development of staff in relation to SIEM log sources and detection logic.
  • Responsible for security event life cycle management with event source system administrators/owners, as well as maintaining current operational event flows
  • Responsible for configuration of enterprise security log source types into the SIEM and definition of security event log forwarding into the SIEM.
  • Coach a small team (from a technical perspective); review work outputs and provide quality assurance.
  • Analyses and identifies areas of improvement with existing processes, procedures and documentation.
  • Demonstrates how to use SIEM & Enterprise Security products to both technical/non-technical personnel.
  • Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems.

Technical skills

  • In depth experience in development and maintenance of SIEM use cases
  • Strong knowledge of log formats and ability to aggregate and parse log data for syslog, HTTP logs, DB logs for investigation purposes
  • Strong knowledge of network security zones, Firewall, IDS.
  • Knowledge of Linux and Windows platforms and cloud concepts.
  • Experience administering multiple security technologies (Firewalls, IDS/IPS, SIEM).
  • Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat)
  • Excellent English communication skills (written and oral)

Assets

  • QRadar Certified
  • Splunk Certified
  • Any other Security Certifications (eg CEH or CISSP)



Reference: 1239062242

Set up alerts to get notified of new vacancies.