SIEM Infrastructure and Automation Engineer
Eurofins
Katowice, Silesian Voivodeship, Poland
1 day ago

Job Description

Your skills and knowledge will provide cybersecurity and operational stability for laboratories scattered around Europe. In this role you will be responsible for operating and improving the Eurofins SIEM and SOAR platform, cooperating with an international network of IT experts and tracking cyberthreats.

If you are an experienced professional with excellent communication skills and a need for professional development, we have a job suited just for you.

Your tasks:

  • Connect, configure and standardize new log sources to the Eurofins SIEM solution;
  • Ensure operational stability and performance of the SIEM and SOAR platform in areas including networks, applications, databases, systems, and endpoints;
  • Support the Eurofins SIEM and SOAR solution with your expertise: recommend improvements and monitor incidents;
  • Cooperate with other IT teams to continuously integrate various logging sources with the SIEM;
  • Introduce innovations in existing rules and automations to optimize operational workload;
  • Maintain the SIEM solution and document the environment;
  • Develop and upgrade dashboards, channels, filters, rule engine set-up, reports and integrate correlations to the information security incident process;
  • Analyze, troubleshoot, and remediate issues with the SIEM and SOAR solution;
  • Create reports on the status of the SIEM, including metrics such as the number of logging sources, log collection rate, etc.;
  • Incorporate change and patch management into the SIEM and SOAR system;
  • Provide support to manage SIEM components, IDS / IPS, parsing / normalization of logs, rule engine, log storage, source device, log collection and event monitoring.

Qualifications

What you bring to the table:

  • Preferably 5 years (3 is the minimum) of professional consulting or enterprise experience as a SIEM Engineer, Cyber-security Analyst or Network Security Specialist;

  • Experience with end-to-end deployment of a SIEM solution to a greenfield environment;
  • Experience with cyber intelligence / SIEM platforms (preferably QRadar, alternatively Darktrace, ArcSight, Splunk or similar);
  • Good experience in debugging security operation center systems, application, and network problems;
  • Ability to document processes and procedures;
  • Knowledge of the MITRE ATT&CK / D3FEND framework and respective adversary tactics;
  • Solid working knowledge of networking technology and firewalls, proxies, the OSI Model, protocols and standards;
  • Working-proficiency communication skills in English (French or German is a plus);
  • Project coordination and experience with information security devices appreciated;
  • Experience with information security devices (e.g. firewalls, intrusion detection / prevention systems) appreciated.

Additional Information

We can offer a very attractive, multicultural and friendly work environment in a fast-growing international company (more than 58 000 employees now), the possibility to grow and take the next step in your professional career and self-development, a long-term relationship, a competitive salary package and bonus, medical and life insurance, the possibility of remote working, and flexible working hours.
