SIEM Engineer Expert (QRadar, Splunk, Logs)

Greater London Contract / 6-12 months

SIEM Engineer Expert (QRadar, Splunk, Logs) – Transformation Project – Brussels

Duration: 6-12 months

Rate: Flexible

****Remote working to the end of the year due to covid **** – MUST be prepared to be onsite in 2022.

You join SOC as an Expert in SIEM (Security Information and Event Management) engineering.

The sub-function SOC Tier 1 and 2 monitors, collects and analyses security events information from the networks, systems, and critical applications at the Bank, detects and triages unusual or suspicious activity and provides real-time first and second-line security operations management services.

In your role as subject matter expert you are responsible for getting the logs on-boarded in the SIEM, develop and maintain event correlation rules that generate the alerts monitored by the tier 1 function, as well as the runbooks being used by the tier 1.

Additionally you guide and coach your junior team members and guard the use case development and maintenance framework, this includes adhering to standards and keep documentation up to date.

Your primary duties will be :

  • Keep abreast of evolving cyber threats and identifying new and sophisticated methods of detecting them.
  • Interact with customers to gather requirements and ensure the implementation of cyber security solutions.
  • Responsible for the creation of procedures, runbooks, high-level/low-level documentation, implementation of processes and development of staff in relation to SIEM log sources and detection logic.
  • Responsible for security event life-cycle management with event source system administrators/owners, as well as maintaining current operational event flows
  • Responsible for configuration of enterprise security log source types into the SIEM and definition of security event log forwarding into the SIEM.
  • Coach a small team (from a technical perspective); review work outputs and provide quality assurance.
  • Analyses and identifies areas of improvement with existing processes, procedures and documentation.
  • Demonstrates how to use SIEM & Enterprise Security products to both technical/non-technical personnel.
  • Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems.

Qualifications

Technical skills

  • In depth experience in development and maintenance of SIEM use cases
  • Strong knowledge of log formats and ability to aggregate and parse log data for syslog, http logs, DB logs for investigation purposes
  • Strong knowledge of network security zones, firewall, IDS.
  • Knowledge of Linux and Windows platforms and cloud concepts.
  • Experience administering multiple security technologies (Firewalls, IDS/IPS, SIEM).
  • Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat)
  • Excellent English communication skills (written and oral)

Assets

  • QRadar Certified
  • Splunk Certified
  • Any other Security Certifications (e.g. CEH or CISSP)

Soft skills

  • Good security mind set;
  • Sense of urgency and able to apply risk based approach to prioritize work;
  • Strong analytical skills to help define new use cases, statistical correlation rules and analytical monitoring functions
  • A problem solver (you recognize underlying issues and problems, you analyse root causes and define solutions accordingly)
  • Able to work autonomously
  • Motivated to learn new technologies and come up with process improvements and efficiencies
  • A team-focused mentality with ability to work & collaborate effectively in a team environment;
  • Reporting and continuous improvement mindset
  • Project Management skills
  • You have good influencing/persuasion skills, obtaining approval of others with good arguments, appropriate influencing methods and a certain “natural authority” (persuasion)
  • You examine matters from a distance and putting them in a broader context and time perspective (vision)
  • Good leadership and communication skills, whether on the field, in the team or with management: you are a keen team player and coordinate work amongst people from different areas or divisions. A good relationship builder with strong diplomacy skills
  • Capability to ensure confidentiality and discretion in performing sensitive tasks
  • At ease in a fast changing environment, flexible and pragmatic, open-minded

Please do share with me the most up to date copy of your CV to eobiechefu@welovesalt.com

Job Information

Job Reference: JO-2107-244859
Salary:
Salary per: day
Job Duration: 6-12 months
Job Start Date: ASAP
Job Industries: Cyber Security Jobs
Job Locations: Greater London
Job Types: Contract
Job Skills: Logs, Qradar, SIEM, Splunk

Here are some related jobs

×
UK

Upload your CV

Upload your CV to our database.

  • Max. file size: 5 MB.
  • Hidden
  • This field is for validation purposes and should be left unchanged.

Please let us know where you are, or where you would like to be in the world so we can point you in the right direction.

Cookie Consent×

Salt uses cookies to improve the user experience of our site. Cookies allow you to have a more enhanced journey through the site when searching for a specific job or location. Cookies are also used to help us understand how our site is being used. You can find out more about how Salt uses cookies here. By continuing to use the Salt site you are consenting to use our cookies.

OK