Band 8 - Csoc Siem Content Development Engineer

I am looking to hire a CSOC SIEM Content Development Engineer on an hourly contract ill December 2024!Please note this is only open to applicantations that have lived in Australia for the past 5 years.In a nutshell:The CSOC Content Development Engineer is an expert in deploying, configuring, and managing a Security information and event management (SIEM) tool. They are responsible for creating alarms and dashboards related to relevant security data/threats/events. In addition, they can automate responses to alarms and enrich data from outside sources.Key Deliverables:

• Design, develop, and implement security information and event management (SIEM) rules and detections within the SIEM platform(s).
• Configure and maintain log sources across diverse security and IT systems to ensure comprehensive data collection.
• Utilize toolsets to efficient log parsing and extraction of relevant security events.
• Fine-tune detection rules to minimize false positives and negatives, optimizing threat identification accuracy.
• Develop and implement SOAR (Security Orchestration, Automation, and Response) workflows to automate incident response tasks.
• Investigate security alerts and incidents, conducting root cause analysis to identify and remediate threats.
• Collaborate with the Cyber Security Operations Centre (CSOC) team to ensure effective incident response and threat hunting.
• Stay current with emerging threats and security best practices, recommending improvements to the SIEM and SOAR configuration.
• Document SIEM configurations, detection rules, and incident response procedures.

Mandatory Requirments:

• 3+ years in Information Security SIEM administration, parser development, cybersecurity Content Development, creating queries, alerting, and log analysis (or similar logging role).
• 3+ years’ experience in scripting/process automation.
• 3+ years operating and supporting a large enterprise environment

Required Skills:

• Experience with MS Sentinel and ELK
• Experience with AWS, Azure, SAAS logging, and cloud technologies in general
• Experience with EDR technologies
• Familiarity with standard logs from different systems: Windows/Linux/Cloud, etc.
• Advanced Scripting – Powershell, Python, etc
• API integration/automation experience
• Experience with process automation / at least one primary SOAR tool
• Excellent verbal & written communication and presentation skills.

Please reach out to hear more as applications close Friday 21st June 2024! (:At Randstad, we are passionate about providing equal employment opportunities and embracing diversity to the benefit of all. We actively encourage applications from any background.SkillsSIEM/ MS Sentinel/ AWS/ Azure / SAAS / EDR/ ELK/ Powershell / Python / API / SOAR/ CyberEducationBachelor Degree