SIEM Platform Management Senior Advisor
Adecco Permanent Placement is recruiting a SIEM Platform Management Senior Advisor for its client, a global leader in intelligence-driven information security solutions.
The SIEM Platform Management Senior Advisor will be expected to leverage Siemplify and Splunk for:
Standard Log Sources On-Boarding, by taking part in the planning, testing and implementation of the new device or host deployment projects and providing the SIEM requirements for its successful on-boarding;
New Log Source Type On-Boarding Projects, by providing assistance on on-boarding new appliances / servers into the SIEM platform, providing requirements and verifying that the on-boarding has been done successfully;
Configuration Back-up, by creating a back-up task, automatic or on demand, based on a schedule agreed with the Customer, and performing weekly reviews of the back-up mechanisms;
Keeping the SIEM platform up to date by downloading, testing and performing platform updates;
Creating and implementing SIEM data retention policy, based on Customer requirements;
Integrating the SIEM platform with 3rd party technologies, when applicable (e.g. Tripwire);
Correlated SIEM rule proposal and subsequent creation, based on identified threat use cases including OT;
Automation and Orchestration for incident response flows;
Maintaining, upgrading and creating platform connectors facing other technologies such as: firewall platforms, endpoint platforms, proxy, DNS;
Regular Siemplify platform administration activities such as: upgrade, patching, user account management.
Essential Requirements:
5+ years of experience in cyber security;
Previous experience with Splunk and Siemplify administration and content development;
Previous experience with orchestration platforms: Phantom, Ansible;
Previous experience with connector development in Python;
University education, degree in Computer Science, Information Systems, or Network and Security;
Detailed knowledge of security technologies and trends.
Desirable Requirements:
Possess active industry certifications such as SSCP, GCIH, GCIA or related;
Working knowledge / experience of network systems security principles and applications;
Fundamental understanding of defense strategies.