Description
SIEM Technical Expert
Role:
As a Senior SIEM Engineer you will be responsible for:
- Day-to-day management of the global ArcSight-based SIEM environment and all underlying components (ESM, Connectors, Loggers, Windows and Linux Servers, Network Appliance Storage, and Backups).
- Providing expert support, guidance and quality assurance to G-SMC clients who manage their own ArcSight infrastructure and feed their data into G-SMC's ArcSight environment.
- Guidance, oversight and quality assurance on the event/data source integration.
- Coordination and planning for system upgrades, security patches, new systems, as well as maintaining current operational event flows. Provide optimization of connector interfaces, aggregation, and data normalization.
- Manage/coordinate relationships, projects, and open issues with vendor support, Professional Services staff, and internal networking teams.
- Participate in and/or lead efforts towards improving the existing processes and procedures required for security monitoring engineering.
- Support on-boarding of new clients and monitored environments.
Education:
- Bachelor's/Master's degree or equivalent by experience in IT
- Certification: CISSP, SANS
Languages:
- French: Preferred (strong benefit)
- English: Fluent
Required knowledge/Experience:
- 7 years of experience within the IT domain
- 4+ years of specialization in security analytics, monitoring, cyber defense & detection
- A solid and proven expertise in maintaining SIEM solutions, based on ArcSight and other technologies.
- A strong vision and holistic view on what it takes to perform effective and efficient security monitoring
- Ability to dive into deep technical matters without losing track of the bigger picture
- In-depth understanding of network and security monitoring architecture
- Strong logical and analytical skills
- Strong troubleshooting skills (complex network and security problem resolution)
- In-depth understanding and experience in managing security device installations such as firewalls, proxies, IDS/IPS
- Architectural experience in designing networks and SIEM environments.
- Other detection/monitoring solutions such as Snort, QRadar, RSA enVision
- Experience with security device installations, configuration and troubleshooting (e.g., firewall, IDS/IPS, etc.)
- Prior experience of working in a process-oriented organization
- Prior experience of working in/for financial institutions
Soft skills:
- Team player
- Quick self-starter, pro-active attitude
- Good communication, presentation and influencing skills
- Good analytical, synthesis and logical skills
- Autonomy, commitment and perseverance
- Ability to work in a dynamic and multi-cultural environment
- Ability to cope with pressure
- Strong troubleshooting skills (complex network and security problem resolution)
- Passion and drive to work in a start-up division with the potential for significant growth in scope and services
- You are highly disciplined and motivated, able to work independently, under direction, or as a member of a team.