Description
IT Technology & Security Lead, SIEM/RSA enVision - Antwerp Region
6 month contract with possible extension - A more detailed job description is available upon request.
Skills required -
SIEM experience is a must (Security Information & Event Management), with a strong preference for RSA enVision.
Strong technical background and experience with a broad range of Operating Systems and applications is a plus, including in particular Windows Server 2003 and later, Linux SusE/Novell SLAS, and HPUX 11 and later. Operational experience (not user experience) with NetWitness is a plus. Broad knowledge of TCP/IP Networking protocols and products (such as Routers, Switches, Firewalls, load balancers, intrusion detection, DNS, web-content filtering, Databases (MS SQL; Oracle and so forth) is very important, as is experience with vulnerability assessment and risk management. At least 6 years total business experience with at least 3 years of experience in information management, information technology, and information security fields, and a proven track record of accomplishment.
Strong leadership, networking, and influencing skills to create alignment of senior cross-functional stakeholders
Knowledge of ITIL Framework- certifications a plus
The IT technology Lead, Security Event Log Management, is globally responsible for the security event and log management process and operational appliance of the process including but not limited to process ownership, security monitoring, event reporting and incident handling of our enterprise-wide IT Infrastructure.
- The deployment, integration and configuration of Global Centralized Log Management tools and processes, in accordance with sound design and change management principles.
- Perform application support activities such as report creation/fine-tuning, availability monitoring, rule development/fine tuning and data receipt, load and storage.
- Perform environmental administration tasks associated with the associated Operation System (OS) and Application, including but not limited to patching and upgrades.
- Operate and maintain an enterprise-wide log Management process and tool deployed across multiple environments to gather, analyse and present information from network and security devices; identity and access management applications; vulnerability management and policy compliance tools; operating system, database and application logs; and external threat data.
- Make reasoned and rational decisions about the required actions and escalations when security incidents occur.
- Assess the process for opportunities to improve the efficiency of the process, then implement and deploy such efficiency improvements
- The candidate will be responsible to act as the SME for the SELM platform (RSA envision).