We are currently supporting a leading Swiss Bank in Zurich, in their search for an experienced SIEM Infrastructure Engineer.
Key Responsibilities

The focus for the SIEM Engineer is the development, management and administration of the Corporate SIEM System. The scope will vary from creating and modifying use-cases to updating the components of the SIEM. The SIEM Engineer works closely with the Product Owner and Security Operations Center (SOC) to provide support and assistance to the client. Most work is scheduled and delivered in a given time frame. The SIEM Engineer will have excellent working relationships with other team members. The SIEM Engineer is responsible for working with the Analyst team at multiple levels in order to identify and align business and IT objectives, discover security or operational pain points, offer recommendations, implement solutions, and recognize current and future IT security needs.

Responsibilities:
• Add/Modify/Archive log sources
• Ability to explain and document alert use-cases for all relevant components (alarms, watch lists, reporting, and correlating data from multiple dissimilar log sources)
• Schedule and run regular technical change requests (i.e. alert modifications, IOC updates, security patches, major and minor software releases)
• Tune/Enhance existing alert framework and client custom framework
• Work closely with Threat Analyst/Hunter to improve proactive defense posture
• Work closely with the Analyst Team to improve SOC alerting
• Provide overall guidance, instruction and leadership to SOC analysts
• Provide mentorship and guidance to SOC analysts regarding technologies and alerts
• Engage in knowledge sharing with other team members
• Provide major/minor component infrastructure support
• Conduct Health Checks and Regular Maintenance Tasks
• Triage SOC alert influxes, enterprise failures and reconfigurations
• Open and follow up on service requests with 3rd party vendors
• Maintain current knowledge on industry issues/trends and competitive SIEM products
• Maintain and expand working knowledge of current managed technologies
• Improve technical understanding of all managed technologies
• Communicate effectively orally and in writing, and establish a cooperative working relationship with persons contacted in the course of performing assigned duties

Essential Skills and Qualifications:
• Minimum 4 years' experience in the IT security field
• Holds certifications in security technologies or SIEM technologies
• Sound knowledge of Linux and Unix engineering
• Good knowledge of Syslog
• Strong understanding of IT Security concepts, best practices, and market direction
• Expert knowledge of and experience with any SIEM System
• Ability to create and implement a custom parser
• Strong troubleshooting, reasoning and problem-solving skills
• Strong knowledge of TCP/IP protocols and the ability to analyze network traffic
• Excellent communication skills
• Exceptional time management and organizational skills
• A positive and constructive-minded team player

Desired Skills and Qualifications:
• Cyber Security Experience
• Big Data Technologies
• Operational knowledge of security threats and attack countermeasures
• Ability to conduct forensic analytical studies and investigations
• Experience with SOC operations

Are you ready for the next challenge in your career? Then don't hesitate to send your application or contact me at +41 58 201 5661.