Job Title: Security Information and Event Management (SIEM) Analyst
Division: Infrastructure Services
Role Type: Permanent
Number of years' experience: 3-4
Reports To: Logicalis Security Operations Manager (MSS)
Summary: Ensures the smooth provision of Security Information and Event Managed services to Logicalis’ clients.
Essential Duties and Responsibilities:
Experience in the following is required:
- Provides Security Information and Event Management (SIEM) analysis services to the Logicalis customer base, by monitoring and escalating alerts and incidents within the internal and customer SIEMs
- Maintain use cases, rule sets, watch lists and reference data to keep the SIEM operating correctly
- Forge strong relationships with customers with the aim of understanding their requirements
- Provide in-depth analysis of activity to complement the at-a-glance view from the dashboards
- Play a proactive role in using and sharing threat intelligence responsibly
- Design and manage reporting that provides added value to the customer
- Be on top of the technology – knowing what it will do and shaping what it should do in future.
- Work closely with our sister Managed Security Operations Centre (SOC) in Jersey
- Works with Service Delivery Managers to propose enhancements to clients’ security in order to meet client’s security requirements.
- Remains current on technical and company related literature/correspondence and regularly reviews administrative procedures.
- Documents procedures for Operations teams.
- Supports and conducts self in a manner consistent with customer service expectations.
- Previous experience of one or more of McAfee SIEM, IBM QRadar, or LogRhythm is a must.
- Work with structured query languages.
- We’d be very interested if you were a regular contributor to threat intelligence sharing programs like MISP or CISP.
- Managing customer security environments in a managed service context
- It would be desirable but not essential for the candidate to have a third level qualification.
- Performing vulnerability scans on customer networks
- Performing physical penetration testing
- For longer-term plans with automation, Python skills would be very handy.
- Assisted in the upgrading of SIEMs
- An interest in what’s going on in the fast-moving world of threats and vulnerabilities, and a willingness to look beyond the first result on Google (tell me who you follow on Twitter and whose podcasts/blogs you engage with!)
Other Skills and Abilities
- Outstanding oral, written, and technical/business communication skills - We use phone, Webex and email to talk to customers, and Jabber and Jive for internal comms as well. Being able to get the tone right matters, whether it’s a report, a training document, or an informal request, as does ensuring that it’s clear and unambiguous. How you use graphics matters too.
- Ability to earn customer, partner, and employee trust and respect through demonstrating commitment to exceed expectations.
- Understanding process – how to create it, document it, implement it and tune it.
- Ability to work on-call duties that include 24x7 responses on a rotating basis within the team.
- Ability to break down ideas, problems, or opportunities into components, solve problems, and implement customer requests.
- Works effectively under pressure and stressful situations.
- Stays on leading edge of technology by learning new techniques and methods through continual education.
- Evaluates, escalates, exercises good judgment and makes decisions based on limited information.
- Ability to work stand-alone or in a team environment.
- Works proactively and does what is expected at all times.
- The ability to break problems down into workable pieces, and to use a variety of sources and techniques to solve them.
- Meets deadlines by prioritising work requests based on sense of urgency - to be able to understand the difference between urgent and important, and when you can - and can’t - enjoy the whooshing noise deadlines make as they go by.
- Strong technical and customer interaction skills.
- Self-starter with excellent organisational, administrative and interpersonal skills.
- Ability to follow through with tasks, projects, and troubleshooting with minimal supervision.
- Superb customer service skills.
- Own car & full driver's licence essential
- Package depends on experience but would be the following at a minimum: base salary based on experience
- Health insurance
- Pension
- Laptop
- Mobile phone
How to Apply:
Those with suitable experience, please forward your up to date CV in Microsoft Word format to email@example.com for consideration with the Subject Line 'Security Information and Event Management (SIEM) Analyst'.