SC Cleared SIEM Tool Manager

Leuze-en-Hainaut  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

SC Cleared SIEM Tool Manager - until 31st December (initially), with a potential 3-year extension - 5 days a week onsite at Mons/Belgium - 60-65 euros per hour, all inclusive of travel.

As Security Information and Event Management (SIEM)/Log Aggregation (LogA) Tool Manager, the incumbent will be responsible for supporting Cyber Defence operations and for maintaining and updating the tools' configurations to match the threat environment, specifically within the SIEM/LogA perimeter.

The SIEM/LogA Tool manager will work with the Security Event Analysts (SEAs) and the Operations and Maintenance (O&M) Service Staff to help tune the security tools for optimum performance, with three main aims:

  • To ensure logs are properly collected at site level via ArcSight connectors or Splunk forwarders.
  • To ensure that Log Aggregators (LogA) are deployed at remote sites and that key systems are configured to forward to them.
  • To ensure the Security Information and Event Management (SIEM) subsystem is operational and ingests a continuous stream of events per second from many different sources, such as sensors (NIDPS, FPC, HIDS, antivirus, etc.) and network security devices (firewalls, proxies, etc.), analysing them to identify real-time threats.

Skills Required:

  • Extensive practical experience with SIEM and Log Aggregation products, e.g. Micro Focus ArcSight and Splunk.
  • Expert level and previous experience related to Log Aggregation and SIEM management activities.
  • Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.
  • Good knowledge of maintaining a secure enterprise network through configuring and managing typical Security Enforcing Devices, such as firewalls, proxies, IDS/IPS devices, HIDS/ePO.
  • Knowledge of Sourcefire/Snort.
  • Practical hands-on experience in systems and tools administration.
  • Comprehensive knowledge of the principles of computer and communication security, networking, and the vulnerabilities of modern operating systems and applications.
  • Troubleshooting of Linux and/or Windows infrastructures.
  • Practical skills in writing bash, Python or Ansible scripts to automate repetitive tasks and to support Linux system and application administration and troubleshooting.
  • Solid understanding of regular expressions.
  • Proficient with SIEM content creation: correlation rules, reports and dashboards.


Damia Group Limited acts as an employment agency for permanent recruitment and as an employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy.

Damia Group is acting as an Employment Business in relation to this vacancy.

Start date: n.a.
Duration: 5 weeks
From: Damia Group LTD
Published at: 25.10.2020
Project ID: 1988522
Contract type: Freelance