Cyber SIEM Engineer
Posted on Dec 23, 2021 by SuisseCo GmbH
Please note that for this role, relocation to Switzerland is required. We are only able to hire EU-27 citizens or candidates with an existing Swiss working permit/citizenship.
SuisseCo specializes in the international recruitment and placement of highly qualified IT specialists in Switzerland. We support our clients in the implementation of their IT projects and guarantee quick and flexible solutions of the highest quality.
For one of our clients in the banking industry, we are currently looking for a Cyber SIEM Engineer.
Start date: February 2022
Duration: 6 months with good possibilities of an extension
Location: Zurich (Home Office is possible)
- Will work closely with other teams to ensure that the SIEM/UEBA is performing to standard with all necessary logging sources
- Ensure SIEM/UEBA technologies are integrated & utilized to protect cyber-related assets
- Defining how logs should be parsed
- Writing new correlation rules, custom active lists, queries, and rules
- Onboarding of new clients into the SIEM/UEBA
- Integration of security- and system-relevant data according to requirements
- Management System (SIEM/UEBA) in terms of content and usability
- Support in the operation of the comprehensive SIEM/UEBA platform
Essential Skills and Qualifications
- Bachelor's degree in Computer Science or Information Systems or other technically relevant degree
- At least 2 years of direct SIEM experience may be accepted in lieu of a Bachelor's degree
- 3-5 years of experience with information security operations, data analysis, and/or related IT operational functions
- Proven ability to support large scale Splunk/Elastic or similar event logging solutions
- Extensive experience creating alerts, dashboards, and reports
- Demonstrates the ability to extract meaningful events from operating system, database, application, and security platform data
- Understanding of Unix/Linux and Windows operating systems
- Demonstrable expert knowledge of Splunk/Elastic Best Practices, Security Operations, Workflows and Processes
- Excellent written and verbal communication skills are required
- Teamwork and collaboration skills
- Familiarity and/or certification in Splunk, Splunk Enterprise Security, Exabeam
- Demonstrable experience creating, designing, and maintaining tools written in at least one major language: Python, Ruby, Java, Perl, etc.
- Experience working with APIs and custom Scripting solutions to solve unique institutional problems