SIEM Analyst

Employer active

1 vacancy
Experience

5 years

Job location

Muscat - Oman

Salary

Not disclosed

Number of vacancies

1 vacancy

Job description

Responsibilities:

  • Design, deploy and maintain SIEM solutions
  • Configure and fine-tune log sources, collectors and agents
  • Develop and implement use cases, correlation rules and alerts
  • Monitor and analyze security events and alerts generated by the SIEM system
  • Investigate and respond to security incidents, performing root cause analysis and recommending corrective actions
  • Conduct threat hunting activities to identify potential security risks
  • Ensure comprehensive log collection and retention across various IT systems and applications
  • Perform regular log analysis to identify and mitigate security threats
  • Develop and maintain dashboards and reports for security metrics and trends
  • Work closely with other IT and security teams to integrate the SIEM with other security tools and processes
  • Provide technical guidance and training to junior analysts and other team members
  • Communicate effectively with stakeholders to report on security incidents and system performance
  • Stay updated on the latest cybersecurity threats, trends and technologies
  • Recommend and implement improvements to the SIEM system and related processes
  • Participate in security audits and assessments, ensuring compliance with industry standards and regulations
  • SIEM enhancement and tuning:
  • Review the SIEM logs for emerging threats and vulnerabilities, identifying areas for improvement in detection and correlation
  • Rule and alert optimization: Fine-tune existing SIEM rules and alerts to minimize false positives and false negatives, ensuring efficient incident identification and response
  • Log source management: Continuously integrate new log sources and optimize existing ones for efficient data collection and analysis
  • Develop custom SIEM rules, dashboards and reports to address specific SOC team requirements and security needs
  • Monitor and optimize SIEM performance to ensure efficient resource utilization and timely incident detection
  • Requirement gathering and analysis: Actively engage with the SOC team to understand their security monitoring needs and translate them into actionable SIEM configurations
  • Generate regular reports on SIEM activity, security incidents and tuning efforts, fostering clear communication with the SOC team
  • Provide training to SOC analysts on SIEM usage, best practices and newly implemented features
  • Collaborate with the SOC team to identify and implement improvements to the overall security monitoring posture
  • Escalation and issue management:
  • Defined escalation procedures: Establish clear escalation procedures for high-priority incidents, ensuring timely communication and resolution
  • Effectively communicate and collaborate with local IT support and security vendors to resolve escalated issues
  • Track escalated issues through resolution, documenting steps taken and outcomes for future reference
  • The SIEM Analyst will work on regular tuning and optimization of SIEM use cases, leading to more effective monitoring, reducing false positives and ensuring accurate detections
  • The SIEM Analyst will work with the SOC team to add new use cases to monitor emerging threats and respond quickly to changes in attack patterns, ensuring proactive security coverage
  • The SIEM Analyst will work to ensure that NWS assets are continuously updated in the SIEM, allowing for accurate monitoring and early detection of potential security incidents involving critical assets
  • The SIEM Analyst will work on regularly updating the SIEM in response to changes in NWS's IT environment, ensuring continuous and comprehensive security coverage
  • The SIEM Analyst will provide updates and reports on SIEM system performance and improvements, ensuring that all stakeholders are informed about the system's current state and enhancements



Requirements

  • Minimum of 5 years of experience in cybersecurity with a focus on SIEM technologies
  • Proven experience with the LogRhythm SIEM platform
  • Certified LogRhythm Engineer (preferred)
  • Hands-on experience with log management, threat detection and incident response


Employment type

Full-time

Disclaimer: Dr.Job is only a platform that connects job seekers with employers. We advise applicants to conduct their own independent research into the credentials of the prospective employer. We take care that no financial payments are requested by our clients, and we therefore advise against sharing any personal or bank account information with any third party. If you suspect any fraud or misconduct, please contact us by filling out the form on the Contact Us page.