SIEM Engineer

This job is no longer active!


Employer: Luxoft Romania
Domain: IT Software
Job type: full-time
Job level: over 5 years of experience
Location: BUCHAREST
Updated at: 16.09.2020
Remote work: On-site
    Short company description

    About Luxoft
    Luxoft, a DXC Technology Company (NYSE: DXC), is a digital strategy and software engineering firm providing bespoke technology solutions that drive business change for customers the world over. Acquired by U.S. company DXC Technology in 2019, Luxoft is a global operation in 44 cities and 23 countries with an international, agile workforce of nearly 18,000 people. It combines a unique blend of engineering excellence and deep industry expertise, helping over 425 global clients innovate in the areas of automotive, financial services, travel and hospitality, healthcare, life sciences, media and telecommunications. DXC Technology is a leading Fortune 500 IT services company which helps global companies run their mission critical systems. Together, DXC and Luxoft offer a differentiated customer-value proposition for digital transformation by combining Luxoft’s front-end digital capabilities with DXC’s expertise in IT modernization and integration. Follow our profile for regular updates and insights into technology and business needs.
    Luxoft Romania was established in 2001. We currently have approximately 2500 employees working from different locations in the country.

    Requirements

    Mandatory Skills:

    o Experience in SIEM standards and best practices
    o Strong technical background (systems administration, scripting, programming, databases, virtualization platforms)

    Nice-to-Have Skills:

    o Experience as a DBA/systems administrator
    o Education/Degree in SIEM

    Responsibilities

    Project Description:

    As a SIEM Engineer, you will be actively involved in various activities related to maintaining a high level of SIEM for the Temenos platform of a large European bank, and will suggest corrective and preventive actions to ensure overall application conformity to SIEM standards.

    Responsibilities:

    o Administration tasks:
      - SIEM health monitoring, with the following daily tasks:
        o Storage space monitoring and log offload to archive if needed
        o Job monitoring, error debugging and corrective actions
        o Connector monitoring, debugging and corrective actions
        o Monitoring of the interface to SM9, error debugging and corrective actions
        o Alert investigation, which includes event analysis and cooperation with ITO on remediation after the analysis is finished
      - Occasional/periodic tasks:
        o Onboarding new sources when a connector of the appropriate type already exists - billable if the CR is generally billable
        o Monitoring of periodic archiving
        o User account management (user creation, user disablement and deletion, configuration of user rights)
        o Incident and problem management (debugging of the SIEM system)
        o Participating in security incident resolution if investigation through SIEM data is needed
        o Source offboarding when a device/app is being decommissioned - billable if the decommissioning CD is billable
        o Creation of new reports (regular or ad-hoc) - some might be billable
        o Searching, investigating and presenting results for every suspected incident or accountability investigation
        o Maintenance of the lists of devices/applications from which logs are collected on SIEM
        o Documentation maintenance (post-implementation documents and as-is documentation)
        o Support of banks' audits:
          - Providing information about SIEM architecture and functionalities
          - Extracting custom data or preparing custom reports on request from the auditor

    o New development - tasks for new changes or new projects/CRs on the SIEM system:
      - Participation in meetings with banks in order to assess the scope of work and the time needed for implementation
      - Approving scope and timeline for new requests and changes
      - Onboarding new sources to SIEM when a new type of connector is required (smart and flex connectors)
      - Developing correlation of events with new sources (development of new cases included)
      - Development of new alerts and customization of deployment
      - Development of new reports and scheduling of tasks for report generation and deployment to recipients
      - Architecture change support
    Other info

    Reasons to join us:

    • Attractive salary and benefits package
    • We invest in your professional training, including business domain knowledge, and allow you to grow your professional career.
    • We encourage creative thinking in an open-minded work environment. The relaxation rooms are frequently the place where the most ambitious ideas are born.
    • We are not just professional teams, we are also friends who have fun working together.
    If you are an active person and feel motivated by the creation and development of software solutions, then this is the place to be. You will not get bored.
