Software

GN – SIEM Content Dev Engineer Full Time

Job Description:

  • Develops process design and detection workflows for SOC and business tools.
  • Supports governance based on best practices and facilitates proper alignment to projects and major initiatives
  • Supports analysis of the current environment to detect critical deficiencies and recommends solutions for improvement.
  • Supports analysis of technology industry and market trends to determine their potential impact on security services architecture.
  • Utilizes capability modelling to align systems strategy and planning with business strategy and goals.
  • Consults with project teams to identify when it is necessary to modify infrastructure and security services to accommodate project needs.
  • Consults with architecture teams to identify when it is necessary to modify the technical architecture to accommodate infrastructure and security needs.
  • Participates in the documentation of developed content, architecture and analysis work.
  • Develops highly-extensible, scalable, and SIEM content services that can be adopted and integrated in a wide range of Cybersecurity use cases.

 

Skills Required:

  • Certified Information Systems Security Professional (CISSP)
  • Experience with architecting, implementing, and operating Splunk or other big data platforms
  • Experience with IDS, IPS, and SIEM appliance architecture, operations, and management
  • Experience working in a globally distributed enterprise environment
  • Experience with monitoring use case implementation methodologies
  • Knowledge of Linux, Unix and Microsoft operating systems
  • Knowledge of TCP/IP protocols
  • Experience using regex (regular expressions) with a scripting language (nix shells, python, c++, ruby, etc.) is acceptable
  • Excellent communication skills and problem-solving ability
  • Analysing, designing, developing and delivering solutions to stop adversaries
  • Identifying threats
  • Incident response
  • Risk reviews
  • Vulnerability management
  • Event monitoring, including log management and SIEM
  • Defining how logs should be parsed
  • Writing new correlation rules
  • Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities
  • Writing custom active lists, queries, and rules
  • Care and content of SIEM platforms  and have expert knowledge on ArcSight and  Splunk
  • Developing custom content based on threat intelligence
  • Ensure SIEM technologies are integrated & utilized to protect cyber related assets

Job Overview

  • Job Title: GN – SIEM Content Dev Engineer
  • Salary: Best in Industry