AddressJoin our Team
About this opportunity:
We are now looking for a Security Engineer professional. This job role is responsible for tracking, coordination, support, management, and execution of security related activities to ensure that services provided to customers are continuously available and performing to Service Level Agreement (SLA) performance levels. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured.
What you will do:
Support the following systems and functions
Incident Management
Respond after hours (on-call support)
Coordinate and conduct event collection, log management, event management, and compliance automation
Respond to day-to-day security change requests related to security operations
Conduct security research and intelligence gathering on emerging threats and exploits
Create new rules based on identified scenarios
Perform postmortem analysis on logs, traffic flows, and other activities to identify malicious activity
Security analysis (networking devices and operating systems, endpoint analysis, network attacks)
Work with the various Technical Authority teams to respond to and resolve security incidents effectively and quickly
Provide Root Cause Analysis for security incidents, and outages / impairments related to security tools
Administer authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets
Splunk Tools
Integration of nodes to security tools (SIEM, VA, IAM, etc.)
Deploy content (policies, signatures, parsers or rules) for the security infrastructure
Deploy, configure, and manage Splunk SIEM infrastructure
Monitor Splunk SIEM performance and capacity
Develop and maintain custom Splunk apps and dashboards
Provide technical support and troubleshooting for Splunk SIEM
Collaborate with security analysts and other IT teams to enhance security monitoring capabilities
Experience in log integration for both heavy forwarders and universal forwarders
Vendor Communications
Work with SIEM, IPS/IDS, IAM vendors for application related issues
Process Improvement
Mentor level 1 analysts to improve detection capability within the SOC
Prepare Use Cases & MOPs on identified scenarios
Create, maintain and improve technical operational work instructions
Drive continuous process improvements by providing inputs on the current processes and possible improvement opportunities
Governance and Reporting
Business intelligence reporting based on SOC and customer needs
Identify and report risks related to security
Perform periodic reporting and when applicable, present to management and/or the customer’s security team
The skills you bring:
4 to 7 years experience with at least 2 years of experience in IT and 2 years in security
ITIL certification, CCSP, OSCP, Security +, CCNA Security or similar will be an advantage
Basic knowledge of telecommunications networks will be an added advantage
Splunk Certified Administrator (SCA) certification
3+ years of experience as a Splunk SIEM Administrator
Strong knowledge of Splunk search language (SPL)
Experience with scripting languages (Python, PowerShell, etc.)
Excellent analytical and problem-solving skills
Good communication and teamwork skills
