صاحب العمل نشط
حالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيحالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيلم يكشف
لم يتم الكشف عن الراتب
Position: SIEM Engineer
Location: Remote
Duration: 6 Months; Strong potential for extension into 2025
Our client in the financial services domain is seeking a candidate to help grow and improve the Cyber Development and Testing team. The team handles the endtoend process of the development of new security use cases. This function touches many different teams and requires both a wide and deep understanding of several different information security concepts and how they function and apply to a corporate enterprise environment. The candidate should have an established background in information security and should have experience with both the development and testing of security cases that serves a large organization.
The candidate will be assisting the US Cyber Threat Detection Lead in the organizations migration to cloud. This entails the testing of existing use cases testing of new use cases development of new use cases in the new Cloud SIEM tenant facilitating requests between entities and generally being available to assist with any activities related to Threat Detection.
Required Skills:
Additional Skills: Financial/Banking experience is a plus
Required Experience:
34 years of experience
Security log analysis
Analysis of use case requirements
Creating efficient and performant correlation search queries which will become security use cases reports or dashboards
Recognizing and identifying patterns in data that will drive decisionmaking
Designing implementing and executing testing procedures for new and existing security alerts
Communicating effectively across several different teams and entities
Effective communication as to the status of weekly monthly and quarterly project deadlines and deliverables
Effective precise and detailed documentation in regard to the development and testing of security use cases
Ideal candidate will have:
Splunk (developerlevel)
AWS (intermediate). Familiarity with AWS CloudTrail and GuardDuty is a huge plus
JIRA (or any agile based platform)
عن بُعد