The duties the employee can expect include, but are not limited to:
Implement Securonix and other SIEM solutions
Perform on-boarding of new clients
Perform data ingestion from different log sources into the SIEM solution
Troubleshoot and resolve data ingestion issues
Perform data quality check on ingested data
Troubleshoot and resolve data quality issues in the Securonix SIEM solution
Manage SIEM backend infrastructure
Develop content for Securonix Snypr platform for SIEM and UEBA modules
Develop cyber threat models that can be utilized in the SIEM solution for threat detection based on inputs from the SOC team
Manage day to day SIEM operational tasks
Troubleshoot and resolve SIEM infrastructure related issues
Document SIEM implementation and deployment
Create SIEM and SOC related operational documentation
Integrate and share information with other analysts and other teams
Provide threat and vulnerability analysis as well as security advisory services
Perform regular health checks on SIEM infrastructure and data collection nodes
Implement various security solutions as and when required
Manage interactions with internal and external clients
Support the SOC team and client in the incident response process
Analyze and respond to previously undisclosed software and hardware vulnerabilities
Perform root cause analysis, document findings and collaborate with technology/process owners to prevent future occurrences
Participate in the documentation process to ensure accuracy of documentation critical to the team's success
Assist with the development of new content and tuning existing content for SIEM, IDS, and other security technologies
Interact with other IT personnel, sometimes of different nationalities
Salary: OMR 2,500 to 3,000 per month inclusive of fixed allowances
REQUIREMENTS
Senior Security Engineer Deployment and Content Development for Securonix (Next Generation SIEM Solution & UEBA)
PROFESSIONAL COMPETENCIES
Hands-on deployment of Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA) solutions
At least 5+ years' experience deploying and managing SIEM solutions like Securonix, Exabeam, Splunk, LogRhythm, AlienVault, ArcSight, QRadar and Nitro ESM
At least 3+ years' experience in content development, delivering and/or building content on Securonix, Splunk, AlienVault, ArcSight, QRadar, Nitro ESM
Experience in developing custom parsers
Solid networking fundamentals
Solid experience with Linux/Unix operating environments (configuration and troubleshooting)
Strong analytical skills to understand data and come up with use cases to enhance detection
Strong understanding of information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, and cloud security tools
Strong understanding of APT kill chain frameworks like MITRE, Lockheed Martin etc
Experience in Cyber Security technologies and concepts such as insider threat, malware, lateral movement, beaconing, ransomware, data theft, fraud
Experience working with regular expressions and understanding of YARA rules
Strong programming background with advanced skills in Java, MySQL, Hadoop is preferred
Experience in coding using Core Java and related technologies, scripting languages like Bash, Python etc
Experience in working with Hadoop/Relational databases/SQL queries
Proven skills in technical writing, verbal communications, consulting, and problem solving in a rapidly changing technical environment
Proven experience being team-oriented and self-motivated, with a keen attention to detail and the ability to work independently
Ability to effectively communicate and work with individuals from diverse backgrounds or cultures
Good understanding of Incident Management and Response
Experience in security device management and SIEM
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc
Experience in threat management
Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix
Knowledge of applications, databases, middleware to address security threats against the same
Excellent communication skills
Ability to handle high pressure situations with key stakeholders
Good Analytical skills, Problem solving and Interpersonal skills
Working knowledge and experience with MS office with proficiency in Excel and PowerPoint
Type: Company Job
Deadline: 13th Aug 2025
National Security Services Group (NSSG) is a cyber security firm located in the Sultanate of Oman.
NSSG is designed to assist the private and government sectors in determining their in-depth threats and to provide solutions in coordination with our partners, which alleviates and reduces the risk in the ever-growing world today.
NSSG seeks only the best and most qualified personnel to lead companies and governments alike, into the future.