5d ago
Source: GrabJobs

About the job

  • Install and administer the servers of the SIEM infrastructure
  • Participate in the integration of logs from new technologies
  • Support log parsing through custom parser / GROK pattern development
  • Deploy / update use cases on the platform
  • Fine tune the alerts in collaboration with CSIRTs and SMC
  • Improve existing use cases / tools
  • Project management
  • Be a full-time member of the Production CSIRT / Logging & Detection team and participate in the team's various activities
  • Comply with regulatory requirements and internal guidelines
  • Contribute to the reporting of all incidents according to the Incident Management System

About you

  • University degree or equivalent in IT discipline (preferably in IT Security)
  • Professional credentials in one of the relevant IT Security disciplines
  • At least 3 years of experience in the IT Security field
  • Strong knowledge in administration of UNIX systems
  • Experience with SIEM and use cases, log monitoring (ELK Stack is mandatory)
  • Basic knowledge of Windows server administration, architecture and networking
  • Independent, self-motivated and innovative, with good problem-solving, interpersonal and communication skills, and able to foster teamwork
  • Understanding of cyber threat analysis models such as the kill chain, the diamond model, etc., and how they apply to both targeted and non-targeted threats
  • Experience in common scripting languages such as Python, Ruby, Lua, PowerShell or Bash
  • Knowledge in Elastic language / infrastructure will be a plus
  • Knowledge in PHP / HTML / CSS / SQL will be a plus