LogRhythm SIEM Rule/Content Developer

GB  ‐ Onsite

Description

LOGRHYTHM SIEM RULE/CONTENT DEVELOPER - Inside IR35

DESCRIPTION
A cyber security services and platform company whose mission is to help its customers react faster and smarter, and stay ahead of security threats, by creating secure digital ecosystems. It automates processes to detect and prioritise threats early and respond rapidly and decisively. Trusted by some of the world's largest enterprises to create and maintain secure digital ecosystems using its comprehensive cyber security platform and mitigation services, the company is seeking a SIEM Expert to join its UCF team. This individual will operate within the Use Case Factory code and develop SIEM rule use cases based on design specifications provided by the SIEM Rule Designer.

Key Responsibilities:
  • Experience with the LogRhythm SIEM
  • Implement SIEM code and logic rules per the specifications provided by the SIEM Rule Designer.
  • Ensure that the output from the SIEM system is aligned to requirements for upstream applications (Incident Management Platform), and users (SOC analysts).
  • Perform initial rule optimisation (optimising query performance, condition ordering, initial filtering to reduce false positives, etc.) prior to handoff to the Rule Tuning Engineer.
  • Create all required Detection Rule Use Case documentation, including test requirements and acceptance test criteria.
  • Perform unit testing to ensure that alerts trigger as specified and that the output of the alert meets requirements.
  • Support acceptance testing as needed.

REQUIREMENTS
Must-have Skills:
  • Regex development
  • Kusto or SQL knowledge, including query optimisation
  • Familiar with security technologies (Firewall, Proxy, Linux, Windows)
  • SIEM system deployment
  • JSON
  • Fluent in English

Desired Skills:
  • Knowledge of security frameworks, e.g. ISO 27000x, NIST, etc.
  • Information Security and/or Information Technology industry certification (CISSP, CISA, CISM, GIAC or equivalent)
  • Organised with a proven ability to prioritise workload, meet deadlines, and use time effectively
  • Good interpersonal and communication skills, works effectively as a team player
  • Ability to function effectively in a matrix structure
  • Strong facilitation, negotiation, and conflict resolution skills
  • Analytical skills
Start date: ASAP
Duration: 6 months initially
From: Spier Consulting Ltd
Published at: 04.03.2021
Project ID: 2062303
Contract type: Freelance