• Working with the Cybersecurity Incident Response Team and Threat Intelligence Team to identify content improvements.
• Assisting the Cybersecurity Incident Response Team and Threat Intelligence Team with searches by acting as an expert in Splunk Search Language.
• Provides input to the overall SIEM security architecture and governance model.
• Provides technical oversight, standardization and validation of the effectiveness of the SIEM content service.
• Participates in efforts to research, design and implement components in the SIEM content development space that are standards-based, high-performing, highly available and secure.
• Educates internal and external users of security technologies to continually improve the knowledge and skill base of the organization on how best to operate and support the technology and security services.
• Supports, implements and promotes standard configuration and change management processes and practices.
Desired Candidate Profile
Skills
• Experience with architecting, implementing, and operating Splunk or other big data platforms.
• Experience with IDS, IPS, and SIEM appliance architecture, operations, and management.
• Experience working in a globally distributed enterprise environment.
• Experience with monitoring use case implementation methodologies.
• Knowledge of Linux, Unix, and Microsoft operating systems
• Knowledge of TCP/IP protocols
• Experience using regex (regular expressions) with a scripting language (*nix shells, Python, C, Ruby, etc.) is acceptable.
• Excellent communication skills and problem-solving ability
• Troubleshooting skills and strong technical learning aptitude
Qualifications
• Certified Information Systems Security Professional (CISSP)
• CEH, OSCP, or other ethical hacking certifications
• SIEM certifications
https://www.naukrigulf.com/administrator-jobs-in-riyadh-saudi-arabia-in-acuative-middle-east-2-to-3-years-n-cd-20010162-jid-301221500340