SIEM Engineer

This job is no longer active!

Employer: Luxoft Romania
Domain: IT Software
Job type: full-time
Job level: over 5 years of experience
Location: BUCHAREST
Updated at: 16.09.2020

    Short company description

    Luxoft, a DXC Technology Company, (NYSE: DXC), is a digital strategy and software engineering firm providing bespoke technology solutions that drive business change for customers the world over. Luxoft uses technology to enable business transformation, enhance customer experiences, and boost operational efficiency through its strategy, consulting, and engineering services. Luxoft combines a unique blend of engineering excellence and deep industry expertise, specializing in automotive, financial services, travel and hospitality, healthcare, life sciences, media and telecommunications. Luxoft is well known for its consistent high level of delivery and complex project management, its premier digital engineering talent, exceptional client focus, and agility, creativity, and remarkable problem-solving capabilities.

    Requirements

    Mandatory Skills:

    o Experience in SIEM standards and best practices
    o Strong technical background (systems administration, scripting, programming, databases, virtualization platforms)

    Nice-to-Have Skills:

    o Experience as a DBA/systems administrator
    o Education/Degree in SIEM

    Responsibilities

    Project Description:

    As a SIEM Engineer, you will be actively involved in various activities related to maintaining a high level of SIEM for the Temenos platform of a large European bank, and will suggest corrective and preventive actions to ensure overall application conformity to SIEM standards.

    Responsibilities:

    o Administration tasks:
      - SIEM health monitoring with the following daily tasks:
        o Storage space monitoring and offloading logs to archive if needed
        o Job monitoring, error debugging and corrective actions
        o Connector monitoring, debugging and corrective actions
        o Monitoring of the interface to SM9, error debugging and corrective actions
        o Alert investigation, which includes event analysis and cooperation with ITO on remediation after the analysis is finished
      - Occasional/periodic tasks:
        o Onboarding new sources when a connector of the appropriate type already exists - billable if the CR is generally billable
        o Monitoring of periodic archiving
        o User account management (user creation, user disablement and deletion, configuration of user rights)
        o Incident and problem management (debugging of the SIEM system)
        o Participating in security incident resolution if investigation through SIEM data is needed
        o Source offboarding when a device/app is being decommissioned - billable if decommissioning CD is billable
        o Creation of new reports (regular or ad-hoc) - some might be billable
        o Searching, investigating and presenting results for every suspected incident or accountability investigation
        o Maintenance of the lists of devices/applications from which logs are collected on SIEM
        o Documentation maintenance (post-implementation documents and as-is documentation)
        o Support of banks' audits:
          • Providing information about SIEM architecture and functionalities
          • Extracting custom data or preparing custom reports on request from the auditor

    o New development - tasks for new changes or new projects/CRs on the SIEM system:
      - Participation in meetings with banks in order to assess the scope of work and the time needed for implementation
      - Approving scope and timeline for new requests and changes
      - Onboarding new sources to SIEM when a new type of connector is required (smart and flex connectors)
      - Developing correlation of events with new sources (development of new cases included)
      - Development of new alerts and customization of deployment
      - Development of new reports and scheduling tasks for report generation and deployment to recipients
      - Architecture change support

    Other info

    Reasons to join us:

    • Attractive salary and benefits package
    • We invest into your professional training including business domain knowledge, and allow you to grow your professional career.
    • We encourage creative thinking in an open-minded work environment. Frequently the relaxation rooms are the place where the most ambitious ideas are born.
    • We are not just professional teams, we are also friends that have fun working together.
    If you are an active person and you feel motivated by the creation/development of software solutions, then this is the place to be; you will not get bored.