Job Description
The Security Operations Centre (SOC) houses the cybersecurity team responsible for monitoring and analysing an organisation’s security posture on an ongoing basis. The SOC team’s goal is to provide 24x7x365 capabilities to detect, analyse, and respond to cybersecurity incidents using a combination of technology solutions and a strong set of processes.The SOC staff work closely with our customer and eir evo’s Network Operation Centre (NOC) team to ensure security issues are addressed quickly upon discovery.The Cyber Security Engineer will support technologies that are used for security threat monitoring, detection, event analysis and incident reporting for the cyber security team.We are looking for a Cyber Security Engineer to perform the following duties:Support the day-to-day operation of a highly available distributed multi-clustered multi-tenant SIEM, SOAR, EDR deploymentSupport onboarding and maintenance of a wide variety of data sources to include various OS, appliance, and application logsCreate queries, dashboards, and visualizations to support customer requirementsPerform troubleshooting and remediation of issues as they arise with data ingestionTrack and resolve security engineering incidents on regular frequencies and collaborate with other teams for resolution and suggest areas for improvementResponsibilities for complete life-cycle management with event source system administrator/owners, including coordination and planning for system upgrades and new systems, as well as maintaining current operational event flowsTake the lead and manage/coordinate relationship, project, and open issues with vendor supportTechnical design and administration of security controls and services, and architecture, e.g. infrastructure and/or network systems, application security tools and processes, and/or incident response functionsMaintain documentation for the solution environment and develop technical documentation as requiredResponsible for configuration of enterprise security log sources into the SIEM, EDR, SOAR, VA solutionContinuously assess current state of security monitoring and recommend improvementsConduct research on the latest threats and the latest technological advancementsJob schedule: Business Hours Monday-Friday (On Call)Is this you?Passionate and Professional security mind setStrong customer service skills to follow-up with clients and handle escalationsCapability to ensure confidentiality and discretion in performing sensitive tasksExperience in a technical customer service/technical support environment that adheres to service level agreements (SLAs)3-4 years of experience in the information security or IT field2-3 years of experience in SIEM deploymentStrong understanding of SIEM and UEBAStrong knowledge of scripting languages such as Python, PowerShellWorking knowledge of Machine learning in cybersecurityWorking knowledge of cloud technologiesGood understanding of infrastructure, log collection methodologies and aggregation techniquesExperience integrating endpoint security and host-based intrusion detection solutionsShould have expertise on TCP/IP network traffic and event log analysisEducation: Bachelor’s Degree or equivalent preferablyEnglish: fluentEir evo/eir evo talent and our clients are an equal opportunity employer who seeks to recruit and appoint the best available person for a job regardless of marital/civil partnership status, sex (including pregnancy), age, religion, belief, race, nationality and ethnic or national origin, colour, sexual orientation or disability. Eir evo/eir evo talent apply all relevant Data Protection laws when processing your Personal Data.If you choose to apply to this opportunity and share your CV or other personal information with Eir evo/eir evo talent, these details will be held by us in accordance with our privacy policy used by our recruitment team to contact you regarding this or other relevant opportunities at Eir evo/eir evo talent.EVO5898 #J-18808-Ljbffr