SIEM Expert
RHEA GROUP
Saint-Germain-en-Laye, France
4 days ago

For our international client, we are looking for an experienced cyber security professional with SIEM Expertise who will take the lead as a SIEM Manager within a Security Monitoring Centre.

Tasks and Activities

The scope of work will include:

  • Support the operations of the site Security Monitoring tools.
  • Be the first escalation point for any issues onsite.
  • Identify performance improvements for the SIEM capability, expert implementation and generation of SIEM content (e.g. rules, trends, lists, reports and dashboards).
  • Tune the correlation rules to optimize the false positive and false negative performances.
  • Oversee configuration changes related to correlation rule updates and log parsing definitions.
  • Custom development of event collectors / connectors (agents).
  • Contribute to the ARB, supporting the anomalies handling process related to the SIEM operation and administration.
  • Support the design and continuous improvement of operational procedures.
  • Develop and support the implementation and execution of standard procedures for SIEM administration.
  • Ensure SecMon performance reporting and contribute to the continuous service improvement.
  • Conduct SIEM vendor briefings to understand product upgrades, roadmap of features etc.
  • Review documentation related to SIEM operation and administration.

Skills and Experience

The following skills and experience are mandatory:

  • You have a University degree in a relevant discipline with 3 (three) years of relevant experience; or have equivalent relevant professional experience of 5 (five) years.
  • At least 3 years of experience in cybersecurity dealing with SIEM design, deployment and optimisation activities rendered within the past 5 years.
  • Solid knowledge and experience in the design, implementation, administration and performance tuning of either QRadar or ArcSight environments.
  • Experience with Log Format and Source Data for SIEM Analysis.
  • Knowledge and experience with security technologies like endpoint protection, firewalls, IDS, proxies, etc.
  • You have a high level of proficiency in the English language (at least B1 level).
  • These activities are related to a programme funded by the European Commission. Therefore, only candidates with EU nationality will be considered for this role.