Job Description
Security Operations Centre (SOC) Cyber Security Architect The eir evo Security Team is responsible for protecting and monitoring our clients' organisations. We provide 24x7x365 capabilities to protect, detect, analyse, and respond to cybersecurity incidents using a combination of technology solutions and a strong set of processes. This is a significant, established team supporting a range of enterprise client organisations. The Security Operations Team then work closely with our clients and our Network Operation Team to ensure security issues are addressed quickly and effectively upon discovery. The Cyber Security Architect will design and implement technologies that are used for security threat monitoring, detection, event analysis and incident reporting for the cyber security team. We are looking for a Cyber Security Architect to lead the technical engineering team within the Security Operations Centre. This is a strong technical expert with the ability to quickly understand and evaluate technologies and integrate new technologies into out suite of services. Responsibilities will include: The Security Architect will collaborate with cross-functional teams, including project managers, network engineers, system administrators, and developers, to ensure security and operational requirements are met throughout the project lifecycle. Supervise the design and technical development of the SOC projects. Manage the team resources to quality, schedule and budget requirements. Coordinating with Head of SOC and SOC manager on development and delivery of Security Solution Bundles. Engage proactively with large customers to understand business needs & develop solutions and services to improve their security posture. Develop process and support the SOC as an advanced escalation point for Level II and Level III analysts and engineers. Support the day-to-day operation of a highly available, distributed, multi-tenant SIEM, SOAR, EDR deployment. Responds to, and investigates, security incidents and provides thorough post-event analyses. Develops project processes, timelines, checklist for ongoing system upgrades. Develop use cases, queries, dashboards, and visualizations to support customer requirements. Create custom scripts and parsing to onboard data sources not natively supported by SIEM. Responsibility for complete life-cycle management with event source system administrator/owners. Including coordination and planning for system upgrades, new systems, as well as maintaining current operational event flows. Responsible for configuration of enterprise security log sources into the SIEM, EDR SOAR, VA solutions. Continuously assess current state of security monitoring and response solutions and recommend improvements. Conduct research on the latest threats and the latest technological advancements. Perform quarterly audits on SIEM, SOAR, EDR, VA technology. Work with the automation team to develop scripts and improve overall operational efficiencies. Support Architecture changes required to supporting evolving business needs and threat profile. Deliver architectural initiatives that drive and improve efficiency in line with business strategy. Is this you? Passionate and Professional security mind set Ability to communicate effectively with all levels of an organization from Engineering/Operations to CIO/CISO audiences 8+ years of experience in the information security field 5+ years of experience in SIEM deployment and architecture. Experience in a technical customer service/technical support environment that adheres to service level agreements (SLAs) Strong understanding of SIEM and UEBA Good understanding of MITRE ATT&CK matrices, kill chains and other attack models. Strong knowledge of scripting languages such as Python, Powershell. Working knowledge of cloud technologies, windows infrastructure & networking. Experience integrating endpoint security and host-based intrusion detection solutions Strong knowledge on Cloud SIEM solutions and SOAR. Education: Bachelor's Degree or equivalent preferably Fluent English Candidates must be eligible to work in Ireland or currently hold a Stamp 4/1G Visa to apply. Eir evo/eir evo talent and our clientsare an equal opportunity employer who seeks to recruit and appoint the best available person for a job regardless of marital / civil partnership status, sex (including pregnancy), age, religion, belief, race, nationality and ethnic or national origin, colour, sexual orientation or disability. Eir evo/eir evo talentapply all relevant Data Protection laws when processing your Personal Data. If you choose to apply to this opportunity and share your CV or other personal information with Eir evo/eir evo talent, these details will be held by us in accordance with our privacy policy used by our recruitment team to contact you regarding this or other relevant opportunities at Eir evo/eir evo talent We are committed to creating an inclusive and supportive work environment. If you require any reasonable adjustments during the application or interview process, please let us know, and we will work with you to meet your needs #eirforall EVO6213 Skills: SIEM, SOAR, Firewalls, WAF and Proxy SIEM deployment and architecture MITRE ATT&CK matrices