Job description

mission is to protect STC customers against global cyber risk. CDC is specifically accountable for delivering Cyber Defence operational leadership across STC and Cyber Defence operational capabilities to STC Group, the Local Market Operating Companies, and Partner Markets to enhance STC’s global cyber defence posture and reduce its cyber risk. The Cyber Security Operations Center proactively and iteratively identifies new attacks, or attacks underway, and then works with other Cyber Security teams to contain and remediate them in order to minimise the impact as quickly as possible. This is achieved through the use of advanced security monitoring and analysis tools and techniques.

Skills

• Experience developing and tuning Splunk alerts.
• Develop reliable, efficient queries in SPL or Sigma that will feed reports and dashboards.
• Maintain current functional and technical knowledge of the Splunk platform and future releases.
• Knowledge and understanding of regex.
• Familiar with the MITRE ATT&CK model and its tactics and techniques.
• Proven experience in SIEM content development and refinement.
• In-depth and extensive hands-on experience in security event analysis, creating and refining SIEM/EDR rules, and delivering efficiency within the SIEM and all other technologies used within the team.
• Deep knowledge of IPv4/IPv6, TCP networking protocols.
• Telemetry knowledge of Windows/Linux operating systems.
• Good working knowledge of security technologies such as SIEM (ArcSight/Splunk), EDR, IDS/IPS, firewalls, proxies, web application firewalls, anti-virus, etc.
• Familiarity with standard security frameworks such as MITRE, cyber kill chain, and APT campaign strategies.
• Good knowledge of cloud platforms such as Azure, O365, Google Cloud, AWS, Oracle.
• Good working knowledge of regular expression development.
• Scripting and programming experience is highly desirable.
• Proven ability to prioritize workload, meet deadlines and utilize time effectively.
• Good interpersonal and communication skills, works effectively as a team player, and is able to communicate technical information to a non-technical audience.

Job details

https://www.bayt.com/ar/saudi-arabia/jobs/siem-content-developer-4336083/