SIEM Platform Lead

Job Location

Singapore - Singapore

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

At Tetra Pak we commit to making food safe and available everywhere; and we protect what's good: protecting food, protecting people, and protecting the planet. By doing so we touch millions of people's lives every day.

And we need people like you to make it happen.

We empower you to reach your potential with opportunities to make an impact to be proud of, for food, people and the planet.

Job Summary

As the face of information security to Cluster and Market Company management, responsible for:

  • Managing information security risks
  • Managing and leading significant information security incidents both globally and at the cluster level
  • Expertly advising on information security issues and questions within the cluster
  • Driving information security and data privacy awareness and education for the cluster
  • Ensuring compliance on information security and data privacy related matters for the cluster
  • Leading or managing information security initiatives on a global level

What you will do

Role and responsibilities:

In this role you will be part of the ISIRT and Cyber Threat Intelligence team, which falls under the parent group named Security Operations. You will be responsible for designing, implementing and maintaining log management, security event monitoring and security automation solutions. Working closely with the SIEM Detection and Automation Lead, you will not only directly support Security Operations Center (SOC) functions and incident response by ensuring the availability, reliability and performance of critical security analytics and automation platforms, but also work with both internal and external teams, including our Managed Security Service Providers.

Key responsibilities include, but are not limited to, the following:

  • Onboard diverse log sources (OS, firewalls, cloud), ensuring data completeness & compliance
  • Design, implement, configure, tune and maintain SIEM, syslog and automation solutions to meet reporting and compliance requirements such as data privacy, NIST, ITIL etc.
  • Design and maintain secure access for different teams (i.e. RBAC)
  • Implement the use of AI to achieve more efficiency
  • Continuously assess and enhance SIEM performance, parsing efficiency and coverage
  • Plan and execute upgrades, patches and disaster recovery exercises
  • Develop, tune and test correlation rules, use cases, alerts, dashboards and reports
  • Integrate and automate operations and solutions, including with threat intelligence sources
  • Maintain technical and operational documentation (system configs, onboarding guides, SOPs)
  • Monitor and maintain licensing usage (e.g. filtering unwanted logs to save on licensing)
  • Ensure adherence to internal/external audit, regulatory and log retention policies
  • Assist SOC and incident response teams with any escalations, incidents, exercises etc.
  • Engage with and conduct training for various teams such as the SOC, TI, project teams etc.
  • Participate in continual service improvement

We believe you have

Technical Skills:

  • At least 2 years' experience working with any SIEM solution
  • Experience with log source onboarding, parsing and automation is highly advantageous
  • Strong working knowledge of operating systems such as Windows and Linux and their respective scripting languages, e.g. PowerShell, bash, regex etc.
  • Strong working knowledge of APIs (e.g. REST, GraphQL, webhooks etc.)
  • Strong practical knowledge in at least two of the following domains: network security (including but not limited to dedicated security areas, e.g. firewalls, proxy etc.), server security, endpoint security, cloud security, OT security, and their associated technologies
  • Good knowledge of emerging technologies such as AI, Data Analytics, Cloud and IoT
  • Strong knowledge of cybersecurity trends and technologies

Non-technical Skills:

  • A resourceful team player who possesses strong analytical and troubleshooting skills
  • Strong Incident Management skills and ITIL knowledge
  • Strong problem resolution and analytical skills
  • Prior Information Security related training or certification will be an added advantage
  • Effective verbal and written communications
  • Strong documenting and technical writing skills

We Offer You

  • A variety of exciting challenges with ample opportunities for development and training in a truly global landscape
  • A culture that pioneers a spirit of innovation where our industry experts drive visible results
  • An equal opportunity employment experience that values diversity and inclusion
  • Market competitive compensation and benefits with flexible working arrangements

If you are inspired to be part of our promise to protect what's good; for food, people and the planet, apply through our careers page at you have any questions about your application please contact Ephraim Kwa.

Diversity, equity and inclusion is an everyday part of how we work. We give people a place to belong and support to thrive, an environment where everyone can be comfortable being themselves and has equal opportunities to grow and succeed. We embrace difference, celebrate people for who they are and for the diversity they bring that helps us better understand and connect with our customers and communities worldwide.

Employment Type

Full Time
