System Analyst SIEM

Candidate Requirements

Duties:

  • Definition of events, their formats, methods of transmission to SIEM, assessment of resource requirements;
  • Development, implementation, analysis and improvement of the content / logic of information security tools (SIEM, IPS, AV);
  • Development and implementation of automation tools for routine processes and data exchange scenarios between information security tools;
  • Monitoring the health of the infrastructure for collecting, analyzing and transmitting events to SIEM;
  • Diagnostics and maintenance of the SIEM system;

  • Participation in the development of recommendations for incident response;

  • Preparation of statistical and analytical materials on the functioning of information security tools;

  • Participation in the development of regulatory and technical documentation.

Requirements:

  • 2 years of practical (technical) work experience in IT and/or information security (of which at least 1 year in information security);

  • Experience in administering SIEM systems;

  • Experience creating content in SIEM systems, including with Snort, YARA, Sigma;

  • Programming skills in scripting languages (Python, PowerShell, Bash) or high-level languages;

  • General knowledge and skills in the field of detection, analysis and response to information security incidents;

  • Experience in the development of analytical reports, technical documentation;

  • Experience in administration of NG / FW, IPS, AV;
  • SIEM-related certification;
  • Experience in analysis, localization, neutralization and investigation of information security incidents;
  • Functional certification in the field of information security (preferred).