AddressRole Overview
The CSOC Security Engineer is an expert in deploying, configuring, and managing a Security information and event management (SIEM) tool. They are responsible for creating alarms and dashboards related to relevant security data/threats/events. In addition, they can automate responses to alarms and enrich data from outside sources.
Key Deliverables
- Design, develop, and implement security information and event management (SIEM) rules and detections within the SIEM platform(s).
- Configure and maintain log sources across diverse security and IT systems to ensure comprehensive data collection.
- Utilize toolsets to efficient log parsing and extraction of relevant security events.
- Fine-tune detection rules to minimize false positives and negatives, optimizing threat identification accuracy.
- Develop and implement SOAR (Security Orchestration, Automation, and Response) workflows to automate incident response tasks.
- Investigate security alerts and incidents, conducting root cause analysis to identify and remediate threats.
- Collaborate with the Cyber Security Operations Centre (CSOC) team to ensure effective incident response and threat hunting.
- Stay current with emerging threats and security best practices, recommending improvements to the SIEM and SOAR configuration.
- Document SIEM configurations, detection rules, and incident response procedures.
Required Skills :
- 3+ years in Information Security SIEM administration, parser development, cybersecurity content development, creating queries, alerting, and log analysis (or similar logging role).
- 3+ years' experience in scripting/process automation.
- 3+ years operating and supporting a large enterprise environment
- Experience with MS Sentinel and ELK
- Experience with AWS, Azure, SAAS logging, and cloud technologies in general
- Experience with EDR technologies
- Familiarity with standard logs from different systems: Windows/Linux/Cloud, etc.
- Advanced Scripting - Powershell, Python, etc
- API integration/automation experience
- Experience with process automation / at least one primary SOAR tool
- Excellent verbal & written communication and presentation skills.
Take the next step - APPLY NOW! Or contact Mangal Kadam on 730037693 referring a job number 262735.
Diversity and inclusion are strongly supported at Peoplebank. People of all nationalities, gender identities, and cultural backgrounds, including Aboriginal and Torres Strait Islander Peoples, are encouraged to apply.
