As a SOC SIEM Security Engineer, you are an experienced security and network professional with a detailed understanding of event management technologies, security telemetry sources and data acquisition, with years of experience in Enterprise, Public Sector or Managed Services.
You will be working closely with our passionate Team of professionals - fellow SIEM Engineers, Security Threat Analysts, fellow Security Incident Responders, Threat Detection and Intelligence Experts, Security Architects, Engagement Managers, Software Architects.
You will be reporting to the Head of Security Operations, Tieto Security Services and working under the direction of the SIEM Team Lead.
You will design, develop, test and implement the SOC security logging solutions. The Security data platform is the repository for the collection, storage and correlation of event data across the SOC multi-tenant Customer environment. It must rapidly identify, prioritize, and respond to various security events, compliance violations, policy breaches, cyber security attacks, and insider threats.
You will be responsible for:
Administration, management, configuration, testing, and integration tasks related to Splunk, Elastic (ELK), ArcSight ESM, IBM QRadar and associated platforms to include content creation, maintenance, and administration tasks.
Researching, analysing and understanding log sources used for security monitoring, particularly security and networking devices.
Development, implementation, and execution of standard procedures (SOP) for the administration, content management, change management, version / patch management, and lifecycle management of Security Incident and Event Management (SIEM) platforms.
Providing technical input to Management during proof-of-concept reviews for new security products.
Providing technical guidance to the Security Operations Center during investigations or incident response.
Requirements for an ideal SIEM Security Engineer candidate:
5+ years hands-on security engineering and architecture experience with Security Incident and Event Management (SIEM) technologies.
Direct experience architecting, configuring, deploying, and / or customizing SIEM platforms
Proven ability to support large scale application monitoring and event log management solutions (Splunk, ArcSight, QRadar, McAfee ESM, ELK)
Extensive experience creating alerts, dashboards, and reports
Strong knowledge of multiple security platform administration and / or engineering
Experience with and in a Hadoop ecosystem specific to configuration and data management is a plus
Understanding of Unix / Linux and Windows operating systems.
Python, Perl, Bash and / or Shell scripting experience is required.
Splunk Certification(s) are a plus:
Splunk Power User Certification
Splunk Administrator Certification
Splunk Architect Certification
Understanding of SOC practices, operations risk management processes, principles, architectural requirements, threats and vulnerabilities, including incident response methodologies is a plus
Expertise in Agile and DevOps culture of work
Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation
Degree in Information Technology
Knowledge of Atlassian Stack (Confluence, Jira)
Knowledge of ServiceNow / other Customer Care platforms
Finnish, Swedish and Norwegian language is a big plus
Exposure to corporate finance considerations - invoicing, pricing - a plus
Fluency in English, both spoken and written
Join Tieto Security Services and grow your career with security talents.
At Tieto we are a team of professionals spread across many countries who are working on the frontline of a wide range of industries.
We inspire, we engage and we deliver. We have global capabilities and a strong presence where our clients need it, in the Nordics or via local delivery centres across the globe.
Are you looking for a career with a company that both challenges and cares? Welcome to Tieto. We are committed to developing enterprises and society through information technology.
We believe in openness, independent thinking, and in giving our people the freedom to be their exceptional selves. We are the largest Nordic IT services company providing full lifecycle services for both private and public sectors.
Our work puts us at the frontline of a wide range of industries.
We offer you the chance to make a difference and be part of the forefront of emerging businesses and technology, exchanging ideas with the best professionals.
You will cooperate with colleagues in an international and evolving working environment, and increase your knowledge in a variety of areas.
We offer you a challenging position with great opportunities for professional growth. With us you will have the opportunity to directly influence your career development.
If you have a good idea, people will listen to you. We believe that trust fosters freedom and creativity. Our culture is built on transparency and active sharing: a truly open environment.
Interested? We look forward to receiving your application and the opportunity to discuss with you!