Security Information and Event Management (SIEM) Analyst
This specialist role will be responsible for the validation of all Security information and event management (SIEM) activities, promotion of content to production, ongoing routine maintenance of the security tools and infrastructure. This position is primarily responsible for the integration and management of secure, reliable, stable and dependable solutions that support and ensure the confidentiality, integrity, and availability of the newer complex security systems in to the existing security infrastructure. The successful candidate will have a proven track record in information security derived from an all-round Information Technology background and SOC/SIEM experience and possess a combination of the following skills, and competencies: Progressive senior IT experience, ideally holding positions in both IT Infrastructure & Operations as well as Network Security. Working knowledge of Linux, networking, troubleshooting, and security strategies preferably in SIEMs (Splunk, ArcSight). Solid understanding of additional security technologies / disciplines such as Palo Alto and Juniper firewalls, intrusion prevention, encryption, threat analysis, and vulnerability assessment. Comfortable with managing complex, enterprise-scale logging, including ensuring reporting and alerting is appropriate. Exposure to project management techniques. Strong analytical, documentation, and communication skills, both oral and written Good team working skills and ability to work in a distributed global team environment Strong analytical and problem solving skills Self-motivated, proactive and with determination to achieve goals Flexible and able to deliver quality results in the required timeframe Familiar and experienced in the software development lifecycle process Influencing skills to drive development standards.
The SIEM Analyst will be part of the Security Monitoring Infrastructure (SMI) Team. This team provides monitoring, analyses and response to configuration, maintenance, capacity, compliance, and audit requirements in direct support of the Security Monitoring Infrastructure. SMI also deploys, enhances, and expands infrastructure for new or existing security applications required for Security Monitoring.
Principle
Responsibilities:
Monitoring, analyses and response to configuration, maintenance, and compliance requirements on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices, and SIEMs (Splunk, NetWitness, Illusive, Illumio, SilverTail, ArcSight, ForeScout, Arbor PeakFlow, Palo Alto Networks, etc.). This requires demonstrable troubleshooting capability across multiple applications, predominately security related.
Follow pre-defined actions to handle BAU and High severity issues including resolving complex escalations from support groups.
Execute daily adhoc tasks or lead small projects.
Create and maintain operational reports for Key Performance Indicators and Metrics.
Perform systems review and manage security content deployments to minimize impact on resources and ensure stability of monitoring infrastructure.
Perform assessment, complex troubleshooting, incident resolution, and support cross-functional issue resolution with SIEMs and product feeds, threat detection systems, IDS/IPS sensors, Antivirus servers, and vulnerability management scanners.
Linux, networking, ArcSight, troubleshooting, security and/or operations experience
. Apply now!Estimated Salary: $20 to $28 per hour based on qualifications.
The SIEM Analyst will be part of the Security Monitoring Infrastructure (SMI) Team. This team provides monitoring, analyses and response to configuration, maintenance, capacity, compliance, and audit requirements in direct support of the Security Monitoring Infrastructure. SMI also deploys, enhances, and expands infrastructure for new or existing security applications required for Security Monitoring.
Principle
Responsibilities:
Monitoring, analyses and response to configuration, maintenance, and compliance requirements on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices, and SIEMs (Splunk, NetWitness, Illusive, Illumio, SilverTail, ArcSight, ForeScout, Arbor PeakFlow, Palo Alto Networks, etc.). This requires demonstrable troubleshooting capability across multiple applications, predominately security related.
Follow pre-defined actions to handle BAU and High severity issues including resolving complex escalations from support groups.
Execute daily adhoc tasks or lead small projects.
Create and maintain operational reports for Key Performance Indicators and Metrics.
Perform systems review and manage security content deployments to minimize impact on resources and ensure stability of monitoring infrastructure.
Perform assessment, complex troubleshooting, incident resolution, and support cross-functional issue resolution with SIEMs and product feeds, threat detection systems, IDS/IPS sensors, Antivirus servers, and vulnerability management scanners.
Linux, networking, ArcSight, troubleshooting, security and/or operations experience
. Apply now!Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
