The Security Operations Centre (SOC) is the hub for our cybersecurity team, responsible for monitoring and analysing our organisation's security posture on an ongoing basis.
The SOC team's primary goal is to provide 24x7x365 capabilities to detect, analyse, and respond to cybersecurity incidents using a combination of technology solutions and robust processes.
The SOC staff collaborate closely with our customers and the Network Operation Centre (NOC) team to ensure that security issues are addressed promptly upon discovery.
We are seeking a Cyber Security Engineer to support technologies used for security threat monitoring, detection, event analysis, and incident reporting for the cyber security team.
Main Responsibilities:
* Support the day-to-day operation of a highly available distributed multi-clustered multi-tenant SIEM, SOAR, EDR deployment
* Onboard and maintain a wide variety of data sources, including various OS, appliance, and application logs
* Create queries, dashboards, and visualizations to support customer requirements
* Perform troubleshooting and remediation of issues as they arise with data ingestion
* Track and resolve security engineering incidents at regular intervals, collaborate with other teams on resolution, and suggest areas for improvement
* Complete life-cycle management with event source system administrator/owners, including coordination and planning for system upgrades, new systems, and maintaining current operational event flows
* Lead and manage relationships, projects, and open issues with vendor support
* Technical design and administration of security controls and services, architecture, infrastructure, network systems, application security tools, and processes, and incident response functions
* Maintain documentation for the solution environment and develop technical documentation as required
* Configure enterprise security log sources into the SIEM, EDR, SOAR, and VA solutions
* Continuously assess the current state of security monitoring and recommend improvements
* Conduct research on the latest threats and technological advancements
Requirements:
* Passionate and professional security mindset
* Strong customer service skills to follow up with clients and handle escalations
* Capability to ensure confidentiality and discretion in performing sensitive tasks
* Experience in a technical customer service/technical support environment that adheres to service level agreements (SLAs)
* 3-4 years of experience in the information security or IT field
* 2-3 years of experience in SIEM deployment
* Strong understanding of SIEM and UEBA
* Strong knowledge of scripting languages such as Python and PowerShell
* Working knowledge of machine learning in cybersecurity
* Working knowledge of cloud technologies
* Good understanding of infrastructure, log collection methodologies, and aggregation techniques
* Experience integrating endpoint security and host-based intrusion detection solutions
* Expertise in TCP/IP network traffic and event log analysis
Educational Requirements:
Bachelor's Degree or equivalent
Languages:
English: fluent
Eir evo/eir evo talent is an equal opportunity employer.
We value diversity and inclusion and seek to recruit and appoint the best available person for a job regardless of marital/civil partnership status, sex (including pregnancy), age, religion, belief, race, nationality, ethnic origin, colour, sexual orientation, or disability.
We apply all relevant Data Protection laws when processing your Personal Data.
If you choose to apply to this opportunity and share your CV or other personal information with us, these details will be held by us in accordance with our privacy policy and used by our recruitment team to contact you regarding this or other relevant opportunities at Eir evo/eir evo talent.
We are committed to creating an inclusive and supportive work environment.
If you require any reasonable adjustments during the application or interview process, please let us know, and we will work with you to meet your needs.