I am looking to hire a CSOC SIEM Content Development Engineer on an hourly contract till December 2024!

Please note this is only open to applicants who have lived in Australia for the past 5 years.

In a nutshell:

The CSOC Content Development Engineer is an expert in deploying, configuring, and managing a Security Information and Event Management (SIEM) tool. They are responsible for creating alarms and dashboards related to relevant security data/threats/events. In addition, they can automate responses to alarms and enrich data from outside sources.

Key Deliverables:
- Design, develop, and implement security information and event management (SIEM) rules and detections within the SIEM platform(s).
- Configure and maintain log sources across diverse security and IT systems to ensure comprehensive data collection.
- Utilize toolsets for efficient log parsing and extraction of relevant security events.
- Fine-tune detection rules to minimize false positives and negatives, optimizing threat identification accuracy.
- Develop and implement SOAR (Security Orchestration, Automation, and Response) workflows to automate incident response tasks.
- Investigate security alerts and incidents, conducting root cause analysis to identify and remediate threats.
- Collaborate with the Cyber Security Operations Centre (CSOC) team to ensure effective incident response and threat hunting.
- Stay current with emerging threats and security best practices, recommending improvements to the SIEM and SOAR configuration.
- Document SIEM configurations, detection rules, and incident response procedures.
- 3+ years in Information Security SIEM administration, parser development, cybersecurity content development, creating queries, alerting, and log analysis (or a similar logging role).
- 3+ years' experience in scripting/process automation.
- 3+ years operating and supporting a large enterprise environment.
- Experience with MS Sentinel and ELK.
- Experience with AWS, Azure, SaaS logging, and cloud technologies in general.
- Experience with EDR technologies.
- Familiarity with standard logs from different systems: Windows/Linux/Cloud, etc.
- Advanced scripting: PowerShell, Python, etc.
- API integration/automation experience.
- Experience with process automation / at least one primary SOAR tool.
- Excellent verbal & written communication and presentation skills.