Cyber Security Engineer
The Edge Partnership
Any Location
$150K - $175K / year (estimated)
Full time
Key responsibilities
- Researching and developing new threat detection use cases based on intelligence and research into emerging threats.
- Management and development of security analytics and correlation rules.
- Work alongside incident response analysts to improve the detection time and response for security incidents.
- Design dashboards to capture metrics from the SOC.
- Generate appropriate alerting within SIEM to trigger investigations.
- Collaborate with the platform team on the normalization of incoming log sources and events.
- Participate in other Incident Response activities.
- Research and implement new analytics and playbooks that can be used within the SOC/IR teams.
- Security automation, log analysis, continuous monitoring and management of a SIEM.
- Working with the DLP squad & wider Technology stakeholders, you will support the continuous improvement of our services through the development of automation scripting and effective observability solutions.
- You will be supporting the rapid prototyping of various tools, technologies, and their new capabilities, aligning to business requirements.
Role requirements
- Experience: 4 to 10 years.
- Scripting: Python, PowerShell or similar.
- DevOps: Git, CI/CD pipelines, test automation.
- OS: Linux, Windows, macOS (optional).
- Networking: network configuration and debugging.
- Security practices: knowledge of critical cyber security controls.
- Experience working within Agile teams.
- Knowledge of IT Service Management (ITIL).
- Cloud: Azure, M365, AWS, etc.
- Solid experience with Splunk Search Processing Language (SPL).
- Experience working within a Security Operations Centre (SOC).
- Good understanding of network and security log sources, and log normalization.
- Experience in SIEM content development and tuning alerts.
5 hours ago