Description
We are looking for a
SIEM Administrator/Operator (m/f)
Reference: -en
Start: 07/15
Duration: 6 MM++
Place: in Rhineland-Palatinate
Branch: Chemical industry
Your tasks:
- Ongoing operation of SIEM environment
- Support and enhance event parsing, log collection, storage, automation, monitoring and reporting
- Create and enhance correlation rules
- Open and process vendor cases
- Open and process internal incidents and changes
- Produce and update technical documentation
Your qualifications
- Basic knowledge/experience in Operating Systems (Linux, UNIX, Windows), databases, network topologies, network firewalls, Anti-Virus, IPS/IDS, DLP, HIDS/HIPS etc.
- Good knowledge/experience in ArcSight Enterprise Security Manager (ESM), Log Management
- Understanding of common log formats such as syslog and CEF
- Experience in creating scripts
- Good troubleshooting, reasoning and problem-solving skills
- Team player willing to share knowledge and learn from others
- Work effectively on several concurrent topics
- Good time-management and organizational skills and ability to work autonomously in a dynamic environment
- Ability to speak and communicate clearly and effectively in German and English
- Ability to write clear and concise technical documentation in English
- Basic knowledge in MS Office
Skills:
- Administrator