SIEM Engineer Expert
IT Teams is a Romanian company specialized in software outsourcing and remote staffing. We aim to assemble passionate experts to help companies and startups achieve success. We deliver the perfect combination of technical skills, methodology and high speed delivery techniques to help startups and established companies extend their development teams.
Apply now »
SIEM Engineer Expert
Cyber Defense Center is part of the CISO division. The main responsibility of the team is to execute the Cyber Threat Intelligence (CTI) capabilities, Security Operations Centre (SoC), Cyber Incident & Response Team (Cirt).
- • Keep abreast of evolving cyber threats and identifying new and sophisticated methods of detecting them;
- • Interact with customers to gather requirements and ensure the implementation of cyber security solutions;
- • Responsible for the creation of procedures, runbooks, high-level/low-level documentation, implementation of processes and development of staff in relation to SIEM log sources and detection logic;
- • Responsible for security event life-cycle management with event source system administrators/owners, as well as maintaining current operational event flows;
- • Responsible for configuration of enterprise security log source types into the SIEM and definition of security event log forwarding into the SIEM;
- • Coach a small team (from a technical perspective); review work outputs and provide quality assurance;
- • Analyses and identifies areas of improvement with existing processes, procedures and documentation;
- • Demonstrates how to use SIEM & Enterprise Security products to both technical/non-technical personnel;
- • Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems.
- • In depth experience in development and maintenance of SIEM use cases;
- • Strong knowledge of log formats and ability to aggregate and parse log data for Syslog, HTTP logs, DB logs for investigation purposes;
- • Strong knowledge of network security zones, Firewall, IDS;
- • Knowledge of Linux and Windows platforms and cloud concepts;
- • Experience administering multiple security technologies (Firewalls, IDS/IPS, SIEM);
- • Experience with Security Assessment tools (Nmap, Nessus, MetaSploit, Netcat);
- • Excellent English communication skills (written and oral);
- • QRadar Certified;
- • Splunk Certified;
- • Any other Security Certifications (e.g. CEH or CISSP).
- • Good security mindset;
- • Sense of urgency and able to apply risk based approach to prioritize work;
- • Strong analytical skills to help define new use cases, statistical correlation rules and analytical monitoring functions;
- • A problem solver (you recognize underlying issues and problems, you analyse root causes and define solutions accordingly);
- • Able to work autonomously;
- • Motivated to learn new technologies and come up with process improvements and efficiencies;
- • A team-focused mentality with ability to work & collaborate effectively in a team environment;
- • Reporting and continuous improvement mindset;
- • Project Management skills;
- • You have good influencing/persuasion skills, obtaining approval of others with good arguments, appropriate influencing methods and a certain “natural authority” (persuasion);
- • You examine matters from a distance and putting them in a broader context and time perspective (vision);
- • Good leadership and communication skills, whether on the field, in the team or with management: you are a keen team player and coordinate work amongst people from different areas or divisions. A good relationship builder with strong diplomacy skills;
- • Capability to ensure confidentiality and discretion in performing sensitive tasks;
- • At ease in a fast changing environment, flexible and pragmatic, open-minded.
Apply now »
Why IT Teams:
We are driven by curiosity so we conduct a Discovery Process, ensuring that the technology we deliver stays in tune with customer’s business goals. We encourage our team members to speak up, to share their advices and worries if any, so we are able to properly handle the software development projects risks. Honesty is a key ingredient of our collaboration with customers as well with our colleagues. Our Commitment towards customer goals is reflected by our regular progress reporting, a constant revision of project goals and deadlines and a solid quality control.Apply now »