Description
SIEM LOGRHYTHM EXPERT (CBB) - Inside IR35DESCRIPTION
A cyber security services and platform company whose mission is to help our customers react faster and smarter - and stay ahead of security threats, by creating secure digital ecosystems. Automating processes to detect and prioritize threats early and respond rapidly and decisively. Trust by some of the world's largest enterprises to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services. Seeking a skilled and experienced ArcSight Engineer to join our onboarding team.
Responsibilities
- Understand LogRythm components in depth
- Understand customer requirements and recommending best practices for SIEM solutions
- Offer consultative advice regarding security principles and best practices related to SIEM operations
- Develop new SIEM rules, correlations, and dashboards to meet customer needs
- Design and document the requirements for a SIEM solution that meets customer needs
- Track and document open tasks
- Deploy and configure SIEM components and tuning customizing, and maintaining these components
- Provide guidance in configuring end log sources (in-scope) to be logged to the SIEM
- Verify and investigate data log sources
REQUIREMENTS
- Experience with LogRythm- creating detection rules, workbooks and reports
- Excellent familiarity with the Azure Sentinel components
- Excellent familiarity with different security attack vectors and means of protection
- Minimum 4 years experience in a similar role
- Preferred SIEM vendor certification of administrator
- Experience and proficient in UNIX/Linux and/or Regular Expressions.
- The following certifications would be considered as advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC