SIEM Engineer (BB-3595A)
Found in: Neuvoo Premium AE
Job Role: SIEM Engineer
SIEM Engineers responsibilities include:
- Configure and administer the SIEM to supportthe needs of SOC.
- Provide first leveltechnical support for SIEM tool.
- Responsiblefor maintaining the health of the SIEM tool and ensuring 99.96%uptime of the platform.
- Perform regularpatching and version upgrades on the SIEM platform.
- Create necessary dashboards in SIEM to enable the SOCsecurity monitoring.
- Perform SIEM softwarepatching activities.
- Configure forwarders anddevelop TAs (if needed) to integrate various log sources with SIEMplatform for log monitoring.
- Coordinate orperform the scheduled backups and restore activities as per thebackup policy.
- Maintain the log baselines asper the requirements given in the log management policies andcompliance requirements.
- Manage faults;coordinate with principal vendor for resolution.
- Ensure Health and Maintenance of DR platform.
- Ensure real time data and Configuration replicationbetween Primary and DR sites.
- In case ofPrimary site failure, ensure platform availability in DR sitewithin defined SLAs.
- Ensure health andavailability of all Heavy Forwarders deployed at clientsite.
- Maintain separate asset inventories forall log sources being on-boarded for all individualclients.
- Maintain proper documentation for theentire SIEM platform.
To bring your dream to life,you’ll need:
- 8+ years of hands on experience in Information Securitydomain.
- 2+ years of experience in IT/OT SOCenvironments.
- Splunk Experience andcertification a must
- Must be currently workingin a Security Operations Environment, preferably in a power plantenvironment.
- Experienceworking with ICS best practices and frameworks such as:ISA-99/IEC-62443, NERC CIP, NIST SP 800-82, etc.
calendar_today5 days ago
location_onAbu Dhabi, United Arab Emirates