We are seeking, on behalf of a client and for a one-month project, a highly skilled and experienced SIEM Engineer with 5-8 years of hands-on experience working on Security Information and Event Management (SIEM) tools such as QRadar, Splunk, Microsoft Sentinel, Elastic Stack (Elasticsearch, Logstash, Kibana) and other SIEM platforms. The candidate will be responsible for the design, deployment, configuration and management of SIEM solutions, ensuring efficient monitoring and proactive threat detection across the organization. This role involves collaboration with security teams to optimize incident detection, analysis and response processes.
Job Details:
- Remote
- Full time
- 1-month project (with a possibility to extend)
Responsibilities:
SIEM Implementation & Configuration:
- Design, deploy and configure SIEM solutions, including Elastic Stack (Elasticsearch, Logstash, Kibana), Wazuh, QRadar, Splunk & Microsoft Sentinel.
- Integrate various log sources (e.g. firewalls, IDS/IPS, network devices, applications, OT/IoT) into the SIEM platform.
- Develop and fine-tune correlation rules, dashboards and alerts for proactive threat detection.
- Perform system upgrades and patches, and manage the overall health of the SIEM environment.
Log Management & Monitoring:
- Ensure proper log ingestion from multiple data sources, including Elasticsearch and Kibana, and troubleshoot any logging issues.
- Maintain data retention policies, manage storage and optimize SIEM performance.
- Monitor and analyze system and security logs for anomalies, potential threats or suspicious activities.
Elastic Stack Management (or any open-source alternative such as Wazuh):
- Configure and maintain Elasticsearch clusters for log storage and search functionality.
- Utilize Kibana to create custom dashboards, visualizations and reports for security monitoring.
- Work with Logstash or other log shippers for effective data parsing and enrichment before SIEM ingestion.
Requirements
Experience
- 5-8 years of experience working in SIEM engineering and administration roles.
- Proven expertise with SIEM platforms like QRadar, Splunk, Microsoft Sentinel and Elastic Stack (Elasticsearch, Logstash, Kibana).
- Experience in integrating and managing log sources from diverse systems and platforms.
- Strong understanding of security incident detection threat analysis and response processes.
Technical Skills
- Proficiency in SIEM platform management, rule creation and performance tuning.
- Hands-on experience with Elastic Stack (Elasticsearch, Logstash, Kibana) for log management, search and security monitoring.
- Strong scripting abilities (e.g. Python, PowerShell, Bash) for automation.
- Knowledge of security protocols, network traffic analysis and intrusion detection systems.
- Experience working with security frameworks such as MITRE ATT&CK, NIST or CIS.
Certifications (Preferred)
- SIEM-related certifications (e.g. IBM QRadar Certified, Splunk Certified Architect, Elastic Certified Engineer).
- Security certifications such as CISSP, CISM or CEH are a plus.
Soft Skills
- Strong problem-solving and analytical thinking abilities.
- Excellent communication skills to convey complex technical concepts to stakeholders.
- Ability to work independently or in a team with minimal supervision.
Education
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity or a related field (or equivalent experience).