For our international client, we are looking for an experienced cyber security professional with SIEM Expertise who will take the lead as a SIEM Manager within a Security Monitoring Centre.
Tasks and Activities
The scope of work will include :
Support the operations of the site Security Monitoring tools.
Be the first escalation point for any issues onsite.
Identify performance improvements for the SIEM capability, expert implementation and generation of SIEM content (e.g. rules, trends, lists, reports and dashboards).
Tune the correlation rules to optimize the false positive and false negative performances.
Oversee of configuration changes related to correlation rules updates and log parsing definition.
Custom development of event collectors / connectors (agents).
Contribute to the ARB, supporting the anomalies handling process related to the SIEM operation and administration.
Support in design and continuous improvement of operational procedures.
Development and support the implementation and execution of standard procedures for SIEM administration.
Ensure SecMon performance reporting and contribute to the continuous service improvement.
Conduct SIEM vendor briefings to understand product upgrades, roadmap of features etc.
Review documentation related to SIEM operation and administration.
Skills and Experience
The following skills and experience are mandatory :
You have a University degree in a relevant discipline with 3 (three) years of relevant experience; or have equivalent relevant professional experience of 5 (five) years.
At least 3 years of experience in cybersecurity dealing with SIEM design, deployment and optimisation activities rendered within the past 5 years.
Solid knowledge and experience in the design, implementation, administration and performance tuning of either QRadar or ArcSight environments.
Experience with Log Format and Source Data for SIEM Analysis.
Knowledge and experience with security technologies like endpoint protection, firewalls, IDS, proxies, etc.
You have a high level of proficiency in the English language (at least B1 level).
These activities are related to a programme funded by the European Commission. Therefore, only candidates with EU nationality will be considered for this role.