Join the global SOC team, defending a challenging and complex threat landscape. Bring on expertise and knowledge to enable, improve and automate the monitoring, detection and response capabilities of a diverse environment with lots of cloud security considerations, and many opportunities to grow and develop!
Role Overview:
- Be part of the security engineering team of the SOC – a diverse, international team, with an Agile/DevOps approach and cross-skilled experience and knowledge, providing a secure environment and enabling the Security Operations analysts, incident responders and threat hunters to better defend the organization and its assets, and better respond to threats.
- Be involved in full cycles of designing, building, fine-tuning and improving security detection and response capabilities, grounded in an understanding of threat actors' TTPs; use data analytics, define and implement new tooling and collaborate with stakeholders to improve response actions in a large cyber defense SOC environment, with a focus on SIEM content.
- Optimize data collection and analysis, and act on and report that data using SIEM and SOAR approaches and tools, in order to automate for efficient resource management, build up and fine-tune use cases / models properly, and deliver intelligent detection linked to the threat model and business realities of the global business environment you are defending.
- Contribute to securing both internal networks/infrastructure and cloud (Azure, AWS, GCP) infrastructure and the relevant applications, enabling better monitoring and detection by utilizing large amounts of data and modern detection techniques.
- Role focuses on content development (taking user stories and developing use cases, updating and optimizing current use cases / sources / SIEM connectors etc.) using sources from cloud and hybrid infrastructure.
- Add value to multiple security projects in a multi-disciplinary team setup; advise and contribute hands-on to get things done.
- Bring to the right stakeholders the right actionable information enabling them to better defend and manage risk (intelligent reporting, dashboarding, automation etc).
- Stay on top of ongoing security threats and overall developments in the security landscape linked to the organization’s threat model, and bring insight from an engineering perspective on how to leverage new methodologies, tools and optimizations and practically implement these.
More info and full details available – reach out for a full conversation and insight on the role, the team, the organization and overall environment!
Requirements:
- 4+ years of experience in a relevant area in IT security, with a relevant background / education and experience in security areas that add value to the security engineering side of things in a SOC / SecOps setting (monitoring and detection, infrastructure / cloud security etc).
- Comfortable working with and making the most of large data sets (collection, analysis, response), creating content/use cases/models and bringing an automation mindset.
- Experience with SIEM, Network Security (IDS/IPS), EDRs, cloud native security tools.
- Automation experience and comfortable with programming / scripting (python/ shell/bash or similar) enabling you to do that.
- Expertise/exposure working in an agile/DevOps environment, such as utilizing Microsoft Azure DevOps with regard to service connections, pipelines, software distribution and integration.
- Experience with SIEM, Log Analytics, Kusto Query Language (KQL), AWS CloudWatch and MS Azure Sentinel or similar (e.g. other SIEM tools like ArcSight, Splunk etc. ideally with a cloud related collection component).
- Strong defensive mindset with a good understanding of threat actors’ TTPs and how to defend against these.
- Agile Scrum and DevOps mindset /experience.
- Good communication skills, as you’ll be working in a multidisciplinary environment with many local and distributed teams and across many projects.
- Problem-solving mindset with a get-things-done mentality. Team player who is not afraid to take initiative and also work independently where needed to bring things to a successful completion.
Get in touch to discuss further and share more details on this or other relevant opportunities (including discussing your career in information security in general!).
Relevant terms: Security Engineering, IT Security, SIEM, SOC, Detection and Triage, Incident Response, MDR, Threat Intelligence, Forensics, Security Data Lake, IDS, IPS, Log collection, Log Management, Network Security, System Security, Application Security, Cloud Security, AWS, Amazon Web Services, Microsoft Azure, Google Cloud Platform Services, Linux, Windows, Azure Sentinel, Splunk, ELK, ArcSight, QRadar, GuardDuty, Security Orchestration and Response, SOAR, ThreatConnect, Swimlane, Behavior Analysis, DarkTrace, SmartResponse, Containers, Docker, Kubernetes, Python, Bash, Shell, Azure DevOps, SCRUM, Agile.
Base Cyber Security helps organizations build knowledge and capabilities in information security. Supporting organizations putting together strong infosec teams or finding the right cyber security experts for their needs is a big part of that.
We work with security professionals globally for information and cyber security roles and projects across all industries in Europe. Whether you are starting your career in information security, need advice for your next step, or are deciding how to build knowledge or which growth area in security to pursue, let’s have a conversation!
If you have not yet registered with the Base Cyber Security network, be sure to do so! Send us your details at [email protected] & follow us on Twitter @BaseCyberSec to stay up to date with our activities and relevant info.
By registering with the security community and / or showing interest in a specific role, project or team, you agree with sharing your personal information with Base Cyber Security, which will in turn collect, use and process this in an ethical, private and compliant (including under the GDPR where applicable) manner.
To apply for this job email your details to professionals@basecybersecurity.com