Splunk, Sr. SIEM Engineer
Job Description
Our Client
A leading Cyber Security Consulting Company in Abu Dhabi, UAE is looking for Splunk, Sr. SIEM Engineer for 12 months contract.
Your Responsibilities
- Responsible for configuring and administering SOC tools such as SIEM, SOAR, EDR and TIP to support SOC requirements.
- Provide first level technical support for SOC technologies.
- Maintain the health of SIEM tool and ensure 99.96% uptime of the platform.
- Create necessary dashboards in SIEM and other SOC tools to enable the SOC monitoring and reporting.
- Perform regular patching and version upgrades on SOC technologies.
- Create dashboards to support SOC monitoring and reporting requirements.
- Integrate new log sources, parse logs in SIEM.
- Manage faults in SOC technologies, troubleshoot to identify root cause, and coordinate with vendors for resolution.
- Ensure backups are configured and working properly for SOC technologies.
- Perform backup restore tests on periodic basis.
- Support SOC by performing fine-tuning on SOC technologies, guide SOC analysts with best practices to perform searches, etc.
- Maintain proper documentation for SOC technologies. Ensure change management process is followed.
- Coordination and collaboration – Work with the SOC Analysts, IT sections, SOC Manager on developing and managing the required use cases, orchestrations and automation workflows, and playbooks.
- Review and fine-tune Use cases implemented on EDR.
- Implement scanning profiles on vulnerability scanning tool and integrate with SOAR.
Your Qualifications
- Demonstrated track record of strong SIEM and SOAR deployment and management successes in client/MSSP environment.
- Solid grounding in all fields of IT security.
- Solid technical problem-solving skills with demonstrated passion for engineering excellence, quality, security, and performance.
- Strong cross-group collaboration and interpersonal communication skills working with a variety of roles including development, product management, support and sales engineering.
- Demonstrated ability to solve complex Use cases and playbook problems.
- Broad general knowledge of the high-technology industry gained in larger enterprise IT security environments and SOC operations.
- BSc in Computer Science / Electrical Engineering / Mathematics (at least 4+ years in the Information Security domain).
- SIEM Certification (Any Vendor)
- SOAR Certification (Any Vendor)
- Cloud Security Certifications
- GIAC GCIH
- Certified Entry-Level Python Programmer
- Certified Associate in Python Programming
Halian Group
With over 20 years of experience, we have come to understand that innovation is the only way to provide agile, practical solutions that transform businesses and careers.
Our resourcing and smart services help you to realize tomorrow's potential. Discover the amazing things possible when you bring the right people and the right technologies together.
Job Details
Employment Types:
Part time
Industry:
IT / Computers – Software
Function:
IT
Roles:
Software Engineer / Programmer
Skills:
Sr. SIEM Engineer Splunk