#1 Job Board for tech industry in Europe

  • Job offers
  • Salary calculator
  • Top Companies
  • Geek
    • SIEM Expert
    Security

    SIEM Expert

    CyberProof

    Tel Aviv-Yafo
    Type of work
    Undetermined
    Experience
    Mid
    Employment Type
    Permanent
    Operating mode
    Remote

    Tech stack

      Cybersecurity

      regular

      SIEM

      regular

      SoC

      regular

      QRadar

      nice to have

    Job description

    Online interview
    CyberProof is seeking SIEM Splunk/Qradar to be part of our onboarding team – focusing on SIEM technologies. The role requires a detail-oriented professional who will provide SIEM support to our pre-sales teams and support the delivery of SIEM solutions to our customers. The SIEM Expert will be called upon to understand customer requirements and recommend the appropriate SIEM solution to meet those requirements. The SIEM Expert will support the SIEM solution with Architecture and Design documentation. This role is an excellent opportunity for an individual with strong technical, communication, and customer-facing skills.

    Responsibilities

    • Understand SIEM Splunk/Qradar Enterprise & Splunk/Qradar Enterprise Security in depth
    • Understand customer requirements and recommend best practices for SIEM solutions
    • Offer consultative advice in security principles and best practices related to SIEM operations
    • Develop new SIEM rules, correlations, and dashboards to meet customers’ needs
    • Design and document a SIEM solution to meet the customer needs
    • Assist in the creation and verification of Statement of Work (SOW) documentation
    • Assist with architecture, RFPs, and customer technical meetings
    • Deploy and configure the SIEM platform as per Vendor guidelines and industry best practices
    • Assist client with technical guidance to configure end log sources (in-scope) to be logged to the SIEM
    • Verification of data of log sources in the SIEM, following the Common Information Model (CIM)
    • Document the build of the SIEM solution

    Required:

    • Experience with Splunk ES – Creating Rules, Data Models, Reports, and Dashboards
    • Excellent familiarity with the Splunk enterprise Cluster implementation, components, and infrastructure
    • University degree in information security or equivalent work experience
    • Minimum 4 years experience in a similar role
    • Preferred SIEM vendor certification of administrator
    • Experience and proficiency in UNIX/Linux and/or Regular Expressions.
    • The following certifications would be considered as advantages: CISSP, CISM, CompTIA Security+, CEH, GSEC

    Check similar offers