This Job Vacancy has Expired!

SIEM Engineer Expert

Posted on Jul 20, 2021 by Base 3

Brussel, Belgium
Immediate Start
Annual Salary

This role is inside IR35 for UK applicants


You join the SOC as an Expert in SIEM (Security Information and Event Management) engineering.

The SOC monitors and analyses activity on networks, Servers, endpoints, databases, applications, websites, and other systems, looking for anomalous activity that could be indicative of a security incident or compromise.

In your role as subject matter expert you are responsible for getting the logs on-boarded in the SIEM, develop and maintain event correlation rules that generate the alerts monitored by the tier 1 function, as well as the runbooks being used by the tier 1.

Required Technical skills:

  • In depth experience in development and maintenance of SIEM use cases
  • Strong knowledge of log formats and ability to aggregate and parse log data for syslog, HTTP logs, DB logs for investigation purposes
  • Strong knowledge of network security zones, Firewall, IDS.
  • Knowledge of Linux and Windows platforms and cloud concepts.
  • Experience administering multiple security technologies (Firewalls, IDS/IPS, SIEM).
  • Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat)
  • Excellent English communication skills (written and oral)

Your primary duties will be:

  • Keep abreast of evolving cyber threats and identifying new and sophisticated methods of detecting them.
  • Interact with customers to gather requirements and ensure the implementation of cyber security solutions.
  • Responsible for the creation of procedures, runbooks, high-level/low-level documentation, implementation of processes and development of staff in relation to SIEM log sources and detection logic.
  • Responsible for security event life cycle management with event source system administrators/owners, as well as maintaining current operational event flows
  • Responsible for configuration of enterprise security log source types into the SIEM and definition of security event log forwarding into the SIEM.
  • Coach a small team (from a technical perspective); review work outputs and provide quality assurance.
  • Analyses and identifies areas of improvement with existing processes, procedures and documentation.
  • Demonstrates how to use SIEM & Enterprise Security products to both technical/non-technical personnel.
  • Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems.


  • QRadar Certified
  • Splunk Certified
  • Any other Security Certifications (eg CEH or CISSP)

Reference: 1260305542

Set up alerts to get notified of new vacancies.