Cyber Security engineer

Key responsibilities

• Researching and developing new threat detection use cases based on intelligence and research into emerging threats.
• Management and development of security analytics and correlation rules
• Work alongside incident response analysts to improve the detection time and response for security incidents.
• Design dashboards to capture metrics from the SOC.
• Generate appropriate alerting within SIEM to trigger investigations.
• Collaborate with the platform team on the normalization of incoming log sources and events.
• Participate in other Incident Response activities.
• Research and implement new analytics and playbooks that can be used within the SOC / IR teams.
• Security automation, log analysis, continuous monitoring and managing a SIEM.
• Working with the DLP squad & wider Technology stakeholders, you will support the continuous improvement of our services through the development of automation scripting and effective observability solutions.
• You will be supporting the rapid prototyping of various tools, technologies, and their new capabilities, aligning to business requirements.

Role requirements

• Experience : 4 to 10 years.
• Scripting : Python, PowerShell or similar
• DevOps : Git, CI / CD Pipeline, Test Automation
• OS : Linux, Windows, macOS(optional)
• Networking : network configuration and debugging
• Security Practices : Knowledge of critical cyber security controls
• Experience working within Agile teams.
• Knowledge of IT Service Management (ITIL)
• Cloud : Azure, M365, AWS, etc.
• Solid experience with Splunk Search Processing Language (SPL)
• Experience working within a Security Operation Centre (SOC)
• Good understanding of network and security log sources, and log normalization
• Experience in SIEM content development and tuning alerts.
Il y a 5 heures