Description

Responsibilities
• Responsible for the design of the SIEM platform
• Elicit and implement cyber threat detection driven requirements
• Configure, develop and maintain event flows into reports, visualizations and detection content
• Analyze SIEM system requirements and advise on implementation
• Design detection patterns to identify abnormal or suspicious activity
• Create user interfaces capable of querying data sources
• Identify relevant data sources and configure and tune alerts and visualizations
• Elicit and write specifications as well as report on common sources of technical issues or questions
• Support, document and maintain system processes and threat detection capabilities
• Collaborate with different team members and different stakeholders
• Provide guidance to engineers in automation and control streams
Requirements
• Several years of experience with cyber security, information security or IT risk
• Deep knowledge of information systems and SaaS solutions
• Several years of experience with SIEM systems (implementation, optimization)
• Several years of experience in creating SIEM use cases and investigating security events through logs and/or correlation queries
• Several years of experience with log management systems like ArcSight, Splunk, QRadar etc.
• Ability to explain log sources and their use in monitoring (Windows, Firewall, WebProxy, Antivirus, DNS, Sysmon)
• Experience with XML, Python and Splunk App creation
• English language skills