Security Operations Engineer - (II645)


21 Jan | Epam Systems | Nuevo Casas Grandes

**Responsibilities**
- SIEM & SOAR Configuration: Configure SIEM and SOAR solutions, ensuring seamless integration with various security tools, systems, and data sources; conduct SIEM and SOAR testing and validation
- Use Cases Development & Implementation: Develop detection use cases and implement SIEM detection rules; develop SOAR remediation use cases; create, test, and update SOAR playbooks to streamline security operations
- Log Sources Integration & Threat Hunting: Integrate log sources with SIEM, optimize log ingestion and processing; perform threat hunting, data enrichment and threat intelligence feed onboarding, and utilize them for automated responses
- Documentation & Reporting: Generate reports for both technical and non-technical staff and stakeholders
- Relentless Improvement: Stay up-to-date with SIEM technologies and identify opportunities for continuous improvement

**Requirements**
- At least 3 years of experience with one or more SIEM solutions (Azure Sentinel, Splunk, Google SecOps, QRadar, ArcSight, etc.)
- Knowledge of at least 1 cloud platform (GCP, Azure)
- Technical knowledge of Internet security, network protocols, and related technologies, including IDS/IPS, firewalls, content filtering, Network Behavior Analysis tools, anti-malware and packet inspection
- Basic understanding of Windows, Linux, DB, network device monitoring and logging techniques
- Basic understanding of host and network security hardening, and common security risk management concepts

**Nice to have**
- Proficiency in scripting and automation (e.g., Python, PowerShell), developing API integrations with SIEM/SOAR
- Familiarity with attack frameworks and knowledge bases, such as the MITRE ATT&CK framework, CAPEC, etc.
- Experience with leveraging AI assistance in daily security operations
- Experience with 1 or more SIRP/SOAR tools (Google SecOps SOAR, TheHive, Cortex, Splunk Phantom, Demisto/XSOAR, Resilient, etc.)
- Knowledge of Splunk Search Processing Language (SPL), Splunk Common Information Model (CIM), YARA-L 2

The original listing can be found on Kit Empleo:
https://www.kitempleo.com.mx/empleo/135101681/security-operations-engineer-ii645-nuevo-casas-grandes/?utm_source=html
