SIEM PLATFORM LEAD

  • Permanent
  • Ref #399011TJ
  • Posted 4 weeks ago
  • Rivonia, Gauteng, South Africa, Africa
  • Information & Communications Technology
Employer Description

Multi-cloud, security, data management and storage solutions organization

Job Description

The SIEM Platform Lead will identify, analyze, and respond to security incidents, events and threats using a reliable set of operating processes and SIEM technologies such as Azure Sentinel, QRadar or ArcSight. The SIEM Platform Lead will support the architecture, deployment, management, and maintenance of these SIEM platforms.

Qualifications

  • Matric
  • Degree or Similar
  • Certifications in one or more SIEM platforms

Skills

  • 2 years' experience in IT infrastructure support, and a further 2 years' track record as a SIEM Platform Lead or similar
  • 3+ years as a SIEM Platform Manager in an established SOC operation
  • Proficiency with Windows and Linux systems
  • Advanced knowledge of network technologies (protocols, design concepts, access control)
  • Advanced knowledge of security technologies (firewalls, endpoint protection, endpoint detection and response, encryption, data protection, security design, privileged access, etc.)
  • Extensive experience with one or more SIEM platforms such as IBM QRadar and/or Azure Sentinel
  • Experience in a SOC and/or incident response environment
  • Proficient in developing and maintaining Python scripts (v2.7 and v3.x)
  • Experience with Bash, Ruby, Perl or PowerShell scripting a plus
  • Strong Linux/UNIX and/or Windows administration skills
  • Strong fundamental knowledge and understanding of current security vulnerabilities, attack vectors, industry technologies, trends, and techniques
  • Familiarity with tools such as IDS/IPS, DLP, proxy, WAF, EDR, AV, MVM, sandboxing, firewalls, threat intel, pen testing, APT
  • Experience with SIEM administration and integration/automation
  • Experience with SOC-related automation/orchestration technologies
  • Good understanding of network transport protocols and services (TCP/IP, syslog, ODBC, SFTP, SSH, PKI, etc.)
  • In-depth hands-on experience with at least two of the following technologies: Unix administration, Windows Server administration, Active Directory, Windows workstations, router/switch management, firewall management, SAN/NAS, web servers, IAM/AAA, IDS/HIDS, system vulnerability scanning tools, application/database vulnerability scanning tools, mobile device analysis or secure coding
  • In-depth understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity and other abnormal activity

Salary / Package

R1.1 million CTC

Benefits

  • Medical Aid
  • Pension
  • Provident Fund