Description
The SIEM consultant will work with our client's customers to build technical solutions to their monitoring and analytics problems. They will collaborate to define the technical requirement (use cases), install and configure SIEM software, integrate log data sources, create filters, rules, reports and dashboards and finally test and demonstrate the working system. The SIEM Consultant will be expected to produce a high standard of documentation and train customer technical staff as required. The SIEM technologies used will be primarily ArcSight and Splunk.A suitable candidate for this ArcSight or Splunk Consultant role will have varied hands-on technical experience with networking, security (e.g. firewalls anti-virus), Windows and Linux. They will also need strong interpersonal skills and an appreciation of project management.
Essential skills/experience
Practical experience and/or certification in one or more SIEM product-ArcSight, Splunk
- Provisioning, Configuration and Operational Management of devices within a Security domain
- Infrastructure build and operation including:
- Network protocols, TCP/IP
- Windows, Linux or OS X
- Network & security infrastructure
- Various security tools (anti-virus, spam email & data loss prevention)
- Security processes and methodologies
- Must have proven track record of delivery in a multi-disciplined environment.
- Demonstrable experience of security related incidents and work requests.
- Familiarity with industry leading security products.
- In depth knowledge of SIEM toolsets.
- In depth knowledge of Full Packet Capture toolsets.
- In depth Knowledge of Intrusion Detection
- Remote access solutions
- Multi-tier architectures
- Designing systems from system requirements
Desirable skills/experience
- Bachelor's degree in Information Security, Computer Science, Information Technology or related degree
* Experience as a Security Analyst.
* Must have proven track record of delivery in a multi-disciplined environment.
* Demonstrable experience of security related incidents and work requests.
Additionally, any relevant IT Security certifications / accreditations would be considered a plus ie: CISA, CISSP, CRISC etc.