I am working with a security-focused company to help find their next SIEM engineer. This company is team- and employee-focused and believes in empowering its employees to achieve results. The company is growing and, because of this, is offering fully remote positions in Ireland to ensure it brings in the best possible talent.
What will you be doing?
Serve as lead engineer for SIEM design and its related components, and for the confidentiality, integrity, and availability (CIA) of the logs it ingests.
Implement, manage, and maintain event and log collection, reporting, and compliance requirements.
Design and build SIEM dashboards and reporting tools required by technical teams.
Act as a key member and contact for the security operations centre (SOC) and incident response team.
Tune the SIEM with threat intelligence sources (e.g., premium, industry-shared, open-source, and dark web feeds) and correlate event indicators with known threats.
Lead and perform content development within the SIEM platform, including use case creation, dashboard design, tuning of use cases to minimise false positives, development of reporting metrics such as SLA and KPI reports, and log source configuration.
Work closely with security leadership to instil information security policies and practices throughout business units that address security operations, incident response, application security, and infrastructure.
What is my client looking for?
Seven or more (7+) years of cybersecurity or information technology practitioner experience
Seven or more (7+) years of experience operating in a Security Operations Centre (SOC) and incident response environment
Proficient in one or more SIEM platforms (e.g., QRadar, Splunk, LogRhythm, ArcSight, Securonix, Sumo Logic, Exabeam, Elasticsearch)
Knowledgeable of DevOps technologies such as SONAR, dependency management security, and OWASP.
Knowledge of and hands-on experience with supporting intrusion detection/prevention systems (IDS/IPS), firewalls, endpoint solutions, data loss prevention (DLP), Active Directory (AD), and application security (intermediate level required)
Ability to analyze event and incident logs and work with SOC and IR teams to assess security events related to malware, vulnerabilities, exploits, and kill chain methodology
Advanced knowledge of operating system configuration (Windows, Unix, Linux) and networking (DNS, DHCP, routing protocols) (advanced level required)
Strong understanding of key performance indicators (KPIs) and service-level agreements (SLAs) tied to security and business objectives for key stakeholders (advanced level required)
Fully Remote
To find out more please contact Peter Raine, Reperio Human Capital (phone number removed)
Reperio Human Capital acts as an Employment Agency and an Employment Business