SIEM Engineer
Job descriptions & requirements
Do you have a passion for cybersecurity and a knack for untangling complex IT data? Are you looking to play a vital role in keeping an organization's systems safe? If so, then this SIEM Engineer role is for you!
About the Role
As a SIEM Engineer, you will be responsible for the implementation, maintenance, and optimization of our Security Information and Event Management (SIEM) system. You will play a critical role in our Security Operations Center (SOC) by providing security analysts with the tools and insights they need to identify, investigate, and respond to security threats.
Responsibilities
- Manage the SIEM system, including configuration, log collection, normalization, and enrichment.
- Perform, test, and deploy software updates across the supported SIEM infrastructure.
- Manage user accounts and access to ArcSight product components that are not Active Directory-integrated, i.e. Loggers and Express/ESM.
- Develop and maintain SIEM rules and correlations to detect potential security incidents.
- Monitor device event flow, identify devices from which events are no longer being collected or received, and engage with Client’s administration personnel to resolve the issue.
- Monitor ArcSight Express, ESM, Loggers, Smart Connector Manager, Syslog load balancer & ArcSight Command Center and Smart Connector capacity, performance and operations, and diagnose and resolve issues as needed.
- Ensure that daily Express / ESM event archiving and system configuration exports to external storage are functioning correctly.
- Investigate security alerts generated by the SIEM system and escalate high-priority incidents to the security analyst team.
- Create and maintain security dashboards and reports to provide visibility into security posture.
- Stay up-to-date on the latest security threats and trends and update SIEM rules accordingly.
- Work with other IT teams to ensure seamless integration of the SIEM system with other security tools.
Qualifications
- Minimum of 2-3 years of experience in a security engineering role, with a focus on SIEM/SOAR.
- Strong understanding of SIEM concepts, including log management, event correlation, and threat detection.
- Experience with one or more SIEM solutions (e.g., Splunk, ELK Stack, ArcSight, Azure Sentinel).
- Experience with writing SIEM rules and correlations in a SIEM scripting language (e.g., SPL, Sigma).
- Excellent analytical and problem-solving skills.
- Strong communication and collaboration skills.
Benefits
- Competitive salary and benefits package
- Opportunity to work in a fast-paced and dynamic environment
- Be part of a growing and successful team
- Make a real difference in the security posture of the organisation
To Apply
Please submit your resume and cover letter to careers@datasixth.com