Job Description
- SIEM Engineer: provide advice on the structure of logs, understanding of logs, custom log ingestion, parser creation, parser validation, and use case creation
- Educate skill groups and other stakeholders about report and dashboard capabilities to provide value-focused outcomes
- Write, review, and maintain the knowledge base articles
- Devise innovative integrations of security toolsets that enable automated discovery, remediation, and alerting as a means of improving the security posture while also reducing effort
- Design, configure, integrate, and deploy open source and commercial tools to monitor systems and enrich the overall security capability
- Create custom parsers, generate custom dashboards and reports, and deliver integration activities
- At least five (5) years of security operational management experience, including at least 2 years on McAfee SIEM and trained in McAfee SIEM, and at least one (1) year on Splunk and trained in Splunk or Azure Security Centre
Primary Skills
- Azure Security
- SIEM
Secondary Skills
- IPS/IDS
- Splunk