SIEM Engineer



As a SIEM Engineer, you will be a McAfee SIEM/Nitro security specialist for a very diverse client base.
You will be working with a team that is responsible for incident management, change execution, and the maintenance and support of various network security technologies in a rapidly changing security sector in large enterprises.
This role will ensure best practice implementation and operations of network security solutions, policies and emerging technology.

SPECIFIC TASKS
Provide in-depth cybersecurity analysis, and trending/correlation of large data-sets such as logs, event data, and alerts from diverse network devices and applications within the enterprise to identify and troubleshoot specific cybersecurity incidents and make sound technical recommendations that enable expeditious remediation.
Proactively search through log, network, and system data to find and identify undetected threats.
Conduct security tool/application tuning engagements, using McAfee ESM and McAfee ePO, with analysts and engineers to develop/adjust rules and analyze/develop related response procedures, and reduce false-positives from alerting.
Create scripts using regex and other scripting languages.
Identify and ingest indicators of compromise (IOCs) (e.g., malicious IPs/URLs, etc.) into network security tools/applications.

MINIMUM QUALIFICATIONS
4+ years hands on experience with REGEX rules and scripting.
In-depth understanding of current cybersecurity threats, attacks and countermeasures for adversarial activities such as network probing and scanning, distributed denial of service (DDoS), phishing, ransomware, botnets, command and control (C2) activity, etc.
In-depth hands-on experience analyzing and responding to security events and incidents with most of the following technologies and/or techniques; leading security information and event management (SIEM) technologies, intrusion detection/prevention systems (IDS/IPS), network- and host-based firewalls, network access control (NAC), data leak protection (DLP), database activity monitoring (DAM), web and email content filtering, vulnerability scanning tools, endpoint protection, secure coding, etc.
McAfee Security Event Management (SIEM) certification is a definite asset.
4+ years hands-on experience with McAfee SIEM.
Strong communication, interpersonal, organizational, oral, and customer service skills.
Strong knowledge of TCP/IP protocols, services, and networking.
Excellent ability to multi-task, prioritize, and manage time and tasks effectively.
Ability to work effectively in stressful situations. Strong attention to detail.

PREFERRED EDUCATION/CERTIFICATION REQUIREMENTS
BS in Information Security (or equivalent work experience) and certifications required.

Any of the following certifications are a plus:
CEH – Certified Ethical Hacker, CompTIA Security+, CCNA, Network+, Linux+, GCIA, GCIH, ECIH, CSA+, McAfee Product Specialist SIEM
In-depth knowledge of TCP/IP and routing, firewall technologies, information security principles and practices.
Experience using application firewalls, SIEM, IDS/IPS

Company: Jolera
Location: Porto
Type: Full-time



Published: 25 March 2018 (categories: communication, various)

TiBBer GmbH is looking for: (Sr) Cyber-Security Analyst/Engineer (The Netherlands)



Job description:
As an analyst/engineer you will report to the Senior Director of IS Security. You will regularly monitor all information security systems for cyber-attacks, intrusion attempts, and security breaches within the company and respond in a timely manner to any violation or threat. You will lead security threat intelligence gathering on new or potential security threats, actively manage threat events, and lead incident response, escalation and forensic analysis.

Key responsibilities:
– Act as the subject matter expert for all topics related to cyber and application security and maintain expertise in current and emerging technologies
– Monitor and scan for security vulnerabilities, threats and events in network, host systems and applications
– Perform penetration testing to identify vulnerabilities and recommend safeguards as preemptive measures
– Act as a focal point for IT security investigations, direct responses, and recommend courses of action
– Develop strategies to handle security incidents and coordinate investigative activities
– Develop standard processes and documentation for security incident tracking and management, in all locations
– Work closely with the business groups as a consultant to understand and deliver secure and reliable solutions to business problems
– Identification, selection and implementation of new information security and cyber-security capabilities
– Review and make recommendation on any exception request to established security standards
– Review SaaS, PaaS, IaaS and outsource provider performance data to identify trends and issues and develop performance improvement plans
– Provide input to the Cyber Security Delivery Technology Roadmap
– Assist in architecting and implementing managed service solutions
– Lead future service delivery strategy development for information security, drawing on the latest technologies, intelligence, and potential threats; understand and utilize change management, project management and incident management processes

The job requirements:
– Bachelor's Degree in Computer Science, Information Systems, or Engineering, or equivalent work experience with an information security focus
– At least 5 years of extensive experience in information security forensics, malware identification, penetration testing, intrusion detection and defense-in-depth concepts, and strategic thinking on security issues
– Deep technical knowledge of current trends in cyber-security, secure application coding methodologies and testing, host and network forensics and cryptology
– Hands-on experience and skill in the details of security threats, incident response and testing
– Possess strong skills to lead cross-functional teams (internal/client/vendor/onshore/offshore) and work collaboratively with all levels of technical and business teams
– Possess solid written and verbal communication skills, and polished presentation skills

Desired:
– Experience in information protection, information security and/or cyber-security
– Experience with Intrusion Prevention Systems, firewalls, identity management, and log correlation systems, as well as their interrelationship with other IT systems
– Strong knowledge and understanding of cyber-security operations as structured in NIST, ISO, ITIL, COSO and COBIT frameworks
– Experience working with complex ERP software applications and integration projects
– Ability to work independently, driven to hunt for potential threats, as well as collaboratively in a cross-functional team
– Ability to motivate people, instill accountability and achieve results
– Security certifications including CISSP or Certified Ethical Hacker would be a plus

Company: TiBBer GmbH
Location: Roermond
Type: Full-time
