SIEM Content Developer

Job Title: SIEM Content Developer
Contract Type: Contract
Location: London, England
Salary: Negotiable
Start Date: ASAP
Reference: SCD01_1531381940
Contact Name: Alex Young
Contact Email:
Job Published: July 12, 2018 08:52

Job Description

Tasks and responsibilities:
* Takes part in, and may lead, optimal tuning and operation of the threat and vulnerability management technologies. Continually refines the rules and logic within the organisation's SIEM to make the SOC team more efficient and effective.
* Expected to operate with minimal supervision and to be able to make quick independent decisions. This role requires the ability to build strong relationships across the organisation's security community.
* To Local Market technology teams, SIEM Engineering, Content Development, Business Analysts, Project Managers.
* 3 years minimum experience in security threat and vulnerability management technologies / security professional services experience.
* 3 years minimum experience in SIEM (especially ArcSight) content development and refinement.
* Degree in Information Technology, Engineering or similar.
* Prior or current information security or advanced networking certifications including, but not limited to, GCIA, GCIH, CEH, GWAPT.
* Relevant industry knowledge and technology exposure.
* Deep knowledge of security threat and vulnerability management technologies best practice / continuous improvement (from both a technology and an operational process perspective) that will improve Cyber Defence Operations' overall detection and response capabilities.
* Strong analytical and communication skills. Builds on and continuously improves the SOC analytics framework.
* In-depth and extensive hands-on experience in security event analytics and SIEM content development. Refines SIEM content and delivers efficiencies within the GSOC SIEM and all other technologies used within the team.
* Deep knowledge of cyber risk analysis and management, including security reporting frameworks.
* Deep knowledge of networking protocols and addressing schemes, i.e. TCP/IP functions, CIDR blocks, subnets, addressing, communications, etc.
* Deep knowledge of typical security devices such as firewalls, intrusion detection systems, AV systems, anti-spam systems, event correlation devices, log file analysers, etc.
* Knowledge of the Security Architecture and Design area, including modern and APT technologies.

Deliverables expected within the 3-month contract period:
* Develop/adapt content, integration support and QA for selected Local Markets relevant to the organisation for the following device types:
  * WAF: F5, Netscaler
  * VPN: F5
  * DC: from WUC connector
  * IDPS: ASA, Huawei IDPS, Snort IDPS (MPESA), Checkpoint
  * Proxy: Squid, McAfee, Microsoft
  * AV: McAfee ePO, Microsoft Endpoint Protection
  * Cisco Secure ACS
  * Cisco ISE
  * Network Access Control
  * Child Domain Controllers

Lawrence Harvey is acting as an Employment Business in regard to this position.
Visit our website and follow us on Twitter (@lawharveyjobs) for all live vacancies.