CareerBoard

Job Details

 

SIEM Engineer - remote (Contract)

Location: Dublin
Country: Ireland
Rate: EUR 550 per day

Seeking an experienced Senior Information Security Engineer with demonstrated competence and thought leadership capability to contribute toward the success of our technology initiatives.

Job Description: The SIEM Engineer is a critical role within the Cyber Defense Department supporting the Security Information and Event Management (SIEM) platform. This individual will be focused on supporting our Global Security Operations Center and Computer Security Incident Response teams by building and tuning security alerts, reports and assisting with use of the SIEM for Real Time investigation and analysis. Additional responsibilities include implementing organizational policies, maintaining the health, performance, stabilization and ongoing support of the SIEM infrastructure, and partnering with other Cyber Defense teams in integrating security solutions with the SIEM.

Responsibilities:
- Design, build, test and implement security alerts and reports using knowledge of event source logs and network packet data.
- Partner with the Global Security Operations Center (GSOC) and Computer Security Incident Response (CSIRT) teams to tune out false positives from alerts.
- Improve the ability to build complex security alerts by making and implementing recommendations on event source coverage, log and packet meta-tagging, and log and packet filtering.
- Design and build dashboards in the SIEM.
- Assist users of the SIEM in real-time investigation and analysis.
- Evaluate and recommend new and emerging security products and technologies.
- Stay abreast of current technologies, security compliance requirements, standards and industry trends in order to help achieve the goals of the department.
- Research and document security best practices to continually improve the deployment and use of the SIEM.
- Maintain the health, performance, stabilization, tuning and ongoing planning of the SIEM platform.
- Support the SIEM platform and participate in the on-call rotation.
- Partner with groups within the organization to ensure successful deployments of the SIEM (e.g., business lines, Network Operations, Database Management, Risk Management, Audit and Compliance, other ISS teams, mid-range server teams, mainframe server teams, etc.).
- Partner with other Cyber Defense teams in the integration of security tools with the SIEM.
- Perform the daily operation and execution of security-related tools, processes and controls related to cyber defense initiatives.
- Look for ways to optimize security processes and recommend opportunities and solutions for improvement and automation.
- Support and mentor other members of the team.
- Support and participate in incident response and technical investigations as needed.
- Ensure adherence to compliance regulations and policies. Work to develop and interpret security policies and procedures.
- Support acquisition and vendor risk assessment due diligence.
- Participate in disaster recovery exercises.

It is the individual responsibility of every employee to maintain a current awareness and understanding of, and to fully comply with, our "Code of Ethics". Each employee is also expected to maintain an awareness of the banking laws, regulations, internal policies and procedures that are appropriate for his/her position.

Qualifications / Required Skills
- Advanced experience with Esper and Event Processing Language (EPL)
- Advanced experience with complex event processing (CEP)
- Experience with RSA NetWitness preferred; advanced experience with other SIEM technologies (ArcSight, QRadar, AlienVault, LogRhythm, Splunk) will also be considered.
- Expert experience in log data analysis for identifying malicious behavior and security threats.
- Advanced to expert experience in network packet analysis for identifying malicious behavior and security threats.
- Ability to recognize security events of interest that may require improved detection/alerting capabilities.
- Hands-on experience with Linux administration (CentOS preferred but not required).
- Advanced experience with both structured (relational) and unstructured databases.
- Advanced experience with process automation and/or scripting (i.e., XML, C+, VBA, regular expressions, Python, Perl, etc.)
- 6+ years of experience with processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
- Familiarity with common industry best practices (ITIL, SDLC, Agile, COBIT)
- Experience with Windows and Linux/Unix servers
- Experience with SNMP, Syslog, WinRM, etc.
- Strong attention to detail and process.
- Excellent organizational, time management and interpersonal skills

Preferred Skills
- Security certification such as CISSP, GIAC, etc.
- Project management skills.
- Security and IT metrics experience a plus.
- Understanding and application of NIST or other security control frameworks.
- Experience with RabbitMQ, Puppet, MongoDB.
- Experience using the MITRE ATT&CK framework
- Security experience with cloud technologies (Azure, AWS)
- Experience with IaaS, PaaS and SaaS a plus


Posted Date: 05 Mar 2021 Reference: JSJRSIEM1 Employment Business: E-Frontiers Contact: John Ryan