Seeking a result-oriented Cyber Security Engineer - SIEM, who will be responsible for designing and implementing highly secure network solutions
We are looking for a result-oriented, energetic Cyber Security Engineer – SIEM, who will be responsible for designing and implementing highly secure network solutions to reduce cyber and technology risk across the organisation. The position provides secure development engineering advice, guidance, and assurance for projects both on prem and in the cloud.
Key Responsibilities
- Designing and implementing robust security architectures for digital systems, ensuring the confidentiality, integrity, and availability of data.
- Identifying and mitigating potential security threats through in-depth analysis of intrusion attempts, proactive threat research, and the implementation of countermeasures.
- Developing and refining incident response processes to ensure swift and effective action in the event of security incidents, minimising impact, and downtime.
- Scrutinising code bases to eliminate common coding vulnerabilities, ensuring secure application development and deployment.
- Deploying and managing advanced security tools to systematically identify and resolve security issues across a spectrum of systems and applications.
- Ensuring adherence to industry-specific compliance standards and regulations in all security initiatives.
To be successful in the role, the Cyber Security Engineer - SIEM must have:
- Minimum 3 years of hands-on experience in Cyber Security, showcasing a deep understanding of Security Engineering principles, cyber threats, and associated risks.
- Proficient knowledge of relevant information security frameworks and standards, including ACSC ISM, ISO27001/2, NIST 800-53, NIST CSF, and other NIST best practices within the sector.
- Demonstrated expertise in evaluating current and emerging technologies, assessing their relevance, potential value, and associated risks for the organisation.
- Preferably, experience in both Windows and Linux environments, providing a comprehensive skill set.
- Exceptional presentation, analytical, and interpersonal skills with meticulous attention to detail.
- Proven ability to view existing processes and procedures as opportunities for enhancement, tuning, and improvement.
- Highly desirable qualification: IRAP (Information Security Registered Assessor Program), emphasising a commitment to excellence in information security practices.
- Proficient in SIEM and SOAR Technologies such as Splunk, MS Sentinel, or Elastic.
- Skilled in EDR Technologies like Crowdstrike, TrendMicro, and Defender ATP.
- Familiarity with App Whitelisting Technologies, specifically Airlock.
- Hands-on experience with Vulnerability Management tools, such as Randori, Tenable, and Spotlight.
- Automation expertise using platforms like Ansible, Salt, and SCCM.
- Knowledge of Kubernetes and containerisation (bare metal, OpenShift) is desirable.
- Expertise in developing Logging infrastructures using Splunk, rsyslog, or syslog-ng.
- Proven ability to build dashboards in SIEMs and tools like Grafana.
- Solid understanding of the MITRE ATT&CK Framework and the Cyber-Kill Chain.
- Capable in security alert triage and resolution management.
- Knowledgeable in Threat Hunting and Detection Engineering.
- Experience with open-source security tools.
- Proficient in building SOC tooling, automation, and deployment.
- Well-versed in Cloud Architectures and associated security technologies.
- Scripting proficiency in BASH or PowerShell.
- Utilises Security Automation Tools with a focus on Python.
APPLY NOW! Attach your resume in WORD format and we will contact you should your skills be deemed suited.
Australian Permanent Residents or Citizens are eligible to apply.
Thank you, Torch Professional Services appreciates your interest.