Cyber Security Engineer

Cyber Security Engineer 

The Security Operations Centre (SOC) houses the cyber security team responsible for monitoring and analysing an organisation’s security posture on an ongoing basis. The SOC team’s goal is to provide 24x7x365 capabilities to detect, analyse, and respond to cybersecurity incidents using a combination of technology solutions and a strong set of processes. 

The SOC staff work closely with our customer and eir evo’s Network Operation Centre (NOC) team to ensure security issues are addressed quickly upon discovery.  
The Cyber Security Engineer will support technologies that are used for security threat monitoring, detection, event analysis and incident reporting for the cyber security team. 

• Support the day-to-day operation of a highly available distributed multi-clustered multi-tenant SIEM, SOAR, EDR deployment 
• Support onboarding and maintenance of a wide variety of data sources to include various OS, appliance, and application logs 
• Create queries, dashboards, and visualizations to support customer requirements
• Perform troubleshooting and remediation of issues as they arise with data ingestion.
• Track and resolve security engineering incidents on regular frequencies and collaborate with other teams for resolution and suggest areas for improvement.
• Responsibilities for complete life-cycle management with event source system administrator/owners. Including coordination and planning for system upgrades, new systems, as well as maintaining current operational event flows .
• Take the lead and manage/Coordinate relationship, project, and open issues with vendor support.
• Technical design and administration of security controls and services, and architecture, e.g. infrastructure and / or network systems, application security tools and processes, and /or incident response functions.
• Maintain documentation for the solution environment and develop technical documentation as required 
• Responsible for configuration of enterprise security log sources into the SIEM, EDR SOAR, VA solution  
• Continuously assess current state of security monitoring and recommend improvements 
• Conduct research on the latest threats and the latest technological advancements 

• Passionate and Professional security mind set  
• Strong customer service skills to follow-up with clients and handle escalations 
• Capability to ensure confidentiality and discretion in performing sensitive tasks  
• Experience in a technical customer service/technical support environment that adheres to service level agreements (SLAs) 
• 3-4 years of experience in the information security or IT field 
• 2-3 years of experience in SIEM deployment 
• Strong understanding of SIEM and UEBA 
• Strong knowledge of scripting languages such as Python, PowerShell. 
• Working knowledge of Machine learning in cybersecurity 
• Working knowledge of cloud technologies 
• Good understanding of infrastructure, log collection methodologies and aggregation techniques 
• Experience integrating endpoint security and host-based intrusion detection solutions.
• Should have expertise on TCP/IP network traffic and event log analysis.
• Education: Bachelor’s Degree or equivalent preferably  
• English: fluent 

We are committed to creating an inclusive and supportive work environment. If you require any reasonable adjustments during the application or interview process, please let us know, and we will work with you to meet your needs 

#eirforall