Description
Cyberteam are supporting one of our clients in Amsterdam with a number of SOC/SIEM consultants.
Currently we are looking for a SIEM Engineer(QRadar) for an initial 6 months contract.
Role Details:
- This requires extensive knowledge of designing and developing SIEM Security Controls using QRadar and a good understanding of operations in a SOC.
- The candidate will primarily work on implementing the SOC Use Case Framework related epic's and user stories, utilizing SIEM tools, incl. QRadar, Splunk and JIRA Software and JIRA Service Desk within an agile scrum team.
- Transforming requirements products, eg use cases resulting in security events, alert/offences, and incidents.
Required Skills:
At least 3 years + of Security Operations knowledge, hands on SOC/SIEM experience:
Good understanding of Security Architecture
Good understanding of security technology (network security, process automation, SIEM, log management, application security)
Knowledge of Use Case Framework for a SOC
Understands the business justification for SOC's
Understands the business process workflow in a SOC
Extensive knowledge of QRadar
Extensive experience in implementing QRadar rules and alerts
Extensive knowledge of Business Analysis processes
Experience in requirements engineering and translation into functional and technical design documents and implemented solutions
Extensive knowledge of Computer Networking and Networking Protocols including TCP/IP, SMB, HTTP(S) and good understanding of Active Directory GPO's.
Extensive understanding of Security Controls such as Firewalls, NIDS, DLP, Network proxies.
Experience in implementing Splunk rules, reports, dashboard and CEF output
Please submit your profile now for consideration, candidates must be able to live and work in Europe, without sponsorship.