Security Information & Event Management (SIEM) Platform Operation
- National Capital Region
Posted more than 30 days ago
- Company:
- Neksjob Corporation
- Company Description:
- Neksjob is an outsourcing and social enterprise that provides quality services to our clients locally and abroad. We are driven by the innate desire to bring about change by encouraging out of the box solutions to well-worn path challenges at a cost-effective rate. We aim to bridge the gap between countries and cultures, distance and time zones, to bring the world closer through the help of emerging technology.
- Contract Type:
- Full Time
- Experience Required:
- 2 years
- Education Level:
- Bachelor’s Degree
- Gender:
- Any
- Number of vacancies:
- 10
Job Description
- Lead the implementation and maintenance of SIEM platforms to be able to detect and respond to security incidents
- Collaborate with cross-functional teams to develop and implement security use cases, playbooks, and integrations
- Stay updated with the latest advancements in security technologies and best practices to ensure the security of enterprise systems and data
- Create/Modify SIEM/SOAR use cases, playbooks, dashboards and parsers
- Lead SIEM/SOAR build/implementation activities
- Provide recommendations and optimizations on SIEM and SOAR technologies to drive efficiencies and increase output
Open Positions:
- Security Delivery Specialist/Team Lead
- Security Delivery Associate Manager
- Security Delivery Manager
Professional & Technical Skills:
- Experience in security response and monitoring; has implemented any SIEM solution;
- Hands on experience in port scan and vulnerability scanning techniques;
- Strong ArcSight ESM and Splunk skills, with an end-to-end understanding of the technology;
- Strong understanding of Security orchestration, automation and response technology;
- Implemented multiple SOAR playbooks/projects;
- Strong understanding of Correlation, Normalization, Parsing, and syslog formats and events in general;
- Strong understanding of SIEM and the required infrastructure;
- Strong understanding of SIEM concepts and best practices;
- Should have architect level knowledge in Information Security domain;
- Should have design, build or consulting experience on any of the leading SMR tools;
- Knowledge of different standards and frameworks: CIS, COBIT, ISxxxxxxx, NIST SP800-53, ITIL v2, HIPAA, FFIEC, NERC-CIP, PCI-DSS, CIS, OWASP
- Windows administration skills
- Application servers, web services, remote access, file and print services, server virtualization
- Active Directory
- Performance monitoring, logs, alerts
- Network fundamentals
- Knowledgeable in Infrastructures such as VPN, LAN, WAN, wireless network, network topologies, and access methods
- Knowledgeable in Hardware such as switches, routers, media types
- Protocols and services such as OSI model, IPv4, IPv6, name resolutions, networking services, TCP/IP
- Knowledgeable in User authentication, permissions, password policies, audit policies, encryption, cryptography
- Knowledgeable in Physical security, internet security, wireless security, and core security principles
- Strong understanding of security monitoring tools and technologies: Splunk, SIEM, IBM QRadar, Demisto, Splunk Phantom, Azure Sentinel