
Security consultant - SIEM engineer
(ID: SEC19982)
A. Project / Customer environment
> A well-known international company with a worldwide presence is preparing a new integration and security project that requires the following competencies and knowledge in the areas listed below.
B. Responsibility
Overall:
> To support and develop IT components and tools within the Company’s security infrastructure and its associated services (Cyber Defense Center).
Responsibilities:
> Lead by setting a good example (role model) – behavior consistent with words
> Provide status reporting of team activities against the program plan or schedule
> Provide guidance to the team based on management direction
> Support SIEM infrastructure and associated tooling
> Develop new SIEM use cases, support and maintain existing content
> Work with internal customers on SIEM on-boarding
> Assist and train junior team members in the use of security tools, the preparation of security reports and the resolution of security issues
> Follow pre-agreed work procedures and apply pre-approved changes to prevent damage and mitigate outage risks
> Correlate and coordinate events across all activities in the above sections
> Provide RUN support for security technologies (SIEM, Anti-DDoS), handle incidents, perform changes, etc.
> Reactive assistance in root cause analysis
> Provide security incident reports to customers and management
C. Skills, experiences & competencies
Requirements:
> Experience with development of SIEM content
> Experience with managing at least one SIEM technology (ArcSight, QRadar...)
> Very good TCP/IP knowledge
> Good knowledge of higher-level protocols (HTTP, HTTPS, FTP, DNS, …)
> Fluent Linux administration
> Fluent Windows administration
> Basic scripting (BASH, Python...)
> Good understanding of security technologies (Antivirus, Firewall, IPS...)
> Good understanding of common cyber attack principles
> Good overview of Information Security topics (encryption, authentication, vulnerability management etc.)
> Good English language skills
> Decision-making skills
> Experience in Information Security field
Not required but an advantage:
> Telecoms experience
> Good knowledge of at least one IPS technology (Snort, CheckPoint, etc.)
> Knowledge of Web Application Firewall technology
> Penetration testing and forensics skills
D. Location
> Prague (Czech Republic)
E. Presence
> Min. 60% onsite (customer offices)
F. Utilization
> Full time (working hours) during project phases
G. Notes
> Applicants must be eligible to work in the EU
Status: open