SIEM Consultant (Sourcing Requisition)

Your profile

• Professional experience in SOC tooling such as SIEM and Endpoint services (Splunk, Microsoft Sentinel, Defender for Endpoint etc.)

• German language

• Relevant industry certifications (e.g., AZ500, Splunk ES Admin)

• Experience with various Endpoint protection platforms, such as MS Defender, CrowdStrike, Tanium, Cybereason, etc.

• Experience with various SOAR platforms

• Strong analytical and problem-solving skills

• Knowledge of security best practices and concepts

• Strong understanding of network and endpoint security, firewalls, intrusion detection/prevention systems (IDS/IPS).

• Nice to have: possession of one of the following security certifications: CISSP, CCSP, CCSK, CISM, CISA.

• Nice to have: French language

Your task

• Identify, define and document system security requirements and recommend solutions to management.

• Research and evaluate new security technologies and make recommendations for implementation.

• Partner with cross-functional infrastructure teams to ensure security maturity work is being prioritized and addressed.

• Handle the configuration and troubleshooting of client security infrastructure devices, including SIEM systems and other XDR components.

• Optimize Detection Accuracy, Trend Analysis and Fine-Tuning: Tune system rules and correlation searches to enhance detection capabilities.

• Develop Automation and Efficiencies: Leverage your knowledge and experience to develop automation processes, enhance efficiencies, and implement best practices.

• Oversee the deployment, configuration, and ongoing optimization of security platforms to ensure accurate and efficient event collection, licensing, correlation, and alerting.