Great-West Lifeco
Building on our strengths. Investing in our future. Great-West Lifeco is an international financial services holding company with interests in life insurance, health insurance, retirement and investment services, asset management and...
* Hybrid role based in our City Centre offices
What we offer
We have embraced a hybrid working model for most of our positions, which means that you can enjoy a balanced approach of working from home for part of the week and working from the office for the remainder of the week.
We offer a comprehensive benefits package including competitive salaries and bonuses, robust Learning and Development support, excellent Defined Contribution pension and comprehensive Wellbeing initiatives and support to name but a few.
We are seeking an experienced Senior Technical Specialist (Detection Engineer) to join the Endpoint Security Team as a Subject Matter Expert, focusing on SIEM management, log source onboarding, and continuous improvement of security monitoring coverage and capabilities. The Senior Technical Specialist will be a key player in driving the operational excellence of our Security Information and Event Management (SIEM) systems. This role will support our global SOC by providing high-fidelity signals and technical analysis aimed at detecting adversary tactics, techniques, and behaviours.
Team Background
The Endpoint Security Team sits within our Central Security Services department and reports to the Head of Security Operations. This team has oversight/responsibility for:
• Antivirus
• Endpoint Detection and Response (EDR)
• Security Incident Event Monitoring (SIEM)
• Privileged Access Management (PAM)
• Database Security
• Endpoint Security Metrics & KPIs
• Endpoint Security Strategy & Roadmaps
What you will help us to achieve
• Build new detection capabilities based upon research, analysis of threat actor methodologies, and testing of new attack techniques for cloud-based platforms in Azure, AWS, GCP and other SaaS providers.
• Serve as a Subject Matter Expert (SME) for SIEM management, log source onboarding, and SIEM platform optimisation.
• Design, deploy, and maintain SIEM agents/systems across the environment to meet Service Level Agreements (SLAs) and operational requirements.
• Onboard and integrate new log sources into SIEM, ensuring compliance with organisational security policies and regulatory requirements.
• Contribute to development and implementation of use cases and correlation rules to detect and respond to security incidents.
• Perform periodic audits and health checks of SIEM infrastructure, including performance tuning, system upgrades, and patch management.
• Collaborate with cross-functional teams to ensure successful integration of log sources from various network devices, applications, and security tools.
• Participate in incident detection and response activities, acting as a key member of the Critical Incident Response Team during major incidents.
• Proactively identify opportunities to automate, optimise, and enhance the SIEM platform and overall security operations.
• Actively work with our threat operations and engineering team to enhance the processes that support the SOC team’s mission.
• Mentor junior engineers and provide training on SIEM technologies and security event management practices.
• Production of quality documentation and training material.
• Ensure adherence with risk management programmes.
• Security Infrastructure Capacity Planning & Management for the SIEM service.
• Identify opportunities or emerging demands and plan for them.
• Ensure that business risks are identified, and adequate controls are in place.
• Ensure alignment with industry best practices, compliance standards, and frameworks such as ISO 27001, NIST, GDPR, MITRE ATT&CK framework and more.
What you will need to be successful in the role
• Third level qualification in Information Security or IT, or equivalent work or education-related experience preferable.
• Ideally five years’ experience in an IT Security industry role and ten plus years’ experience in the IT industry.
• Previous experience in one or more of the following: Host, Network, or Cloud Intrusion Detection, Cloud Security Research, Cloud Security Operations (CloudSecOps) in AWS, GCP, Microsoft Azure, Kubernetes/Docker, and/or SaaS services.
• In-depth experience with popular SIEM platforms such as Trellix SIEM, Microsoft Sentinel, Splunk, QRadar etc.
• Experience creating and optimising detections for cloud environments.
• Programming / Scripting experience (Python, JavaScript, PowerShell, etc.)
• Ability to design, build and implement components of the technical infrastructure using an advanced and in-depth knowledge of the technology.
• Advanced technical troubleshooting skills, particularly in the Windows environment. Experience with failover clusters, disaster recovery, backup & restore, patching and server hardening.
• Knowledge of information security and risk control frameworks such as COBIT, ISO 27001, ISO 27002, GDPR, OWASP.
• Industry-recognised certifications such as Security+, Certified Information Systems Security Professional (CISSP), or SIEM-specific certifications (e.g., Splunk Certified Admin, QRadar Specialist) are desirable.
Key Competencies
Problem Solving and Decision Making
Planning & Organising
Team Working & Cross Functional Collaboration
Innovation and Change
Drive for Results
About us
Canada Life Group is the top-level European holding company for the Great-West Lifeco Group’s European insurance, reinsurance, and asset management companies, with business operations in the UK, Ireland, Germany, and the Isle of Man.
European Technology sits within Canada Life Group and encompasses the technology community across all European entities, Irish Life Group, Canada Life UK, Canada Life Europe, and Central Technology Services. European Technology supports the business strategy and collaboration of technology across all European divisions.
The company reserves the right to draw up a shortlist as part of the selection process. Where Agency assistance is required the Canada Life Recruitment Team will engage directly with suppliers. Unsolicited CVs / profiles supplied to Canada Life by Recruitment Agencies will not be accepted for this role.
Canada Life Group Services is proud to be an Equal Opportunities employer. We have created an environment of inclusion and growth to help people achieve their potential, to ensure they can bring their whole selves to work and to feel valued. We celebrate diversity of thought and perspective and want all of our employees to feel valued, respected and supported.
If you require any accommodations during the recruitment process please contact lifecareers@irishlife.ie and we will be delighted to ensure you are fully supported to be your best.
CLGS supports Equal Opportunity and is regulated by the Central Bank of Ireland.