SIEM Specialist

Date: 30 September
Employer: Parimatch Tech
Qualifications: 2+ years of experience in an IT security specialist/analyst, SOC analyst, or SIEM specialist position;
Experience with SIEM administration and support: Elastic Stack, Splunk;
System administrator or devops background: Unix systems, DBs, AWS, k8s, Git;
Experience with log collection, parsing and enrichment with Elastic beats, logstash, syslog-ng, rsyslog;
Strong experience in log analysis, correlation and visualization with Elastic Stack tools;
Scripting development using a variety of tools such as Bash, Python, Ruby, Go;
Use of MITRE ATT&CK and Cyber Kill Chain frameworks.
Tasks: Work with large datasets from different infrastructures;
Design and implement monitoring/prevention security controls for the company's new products, features and third-party integrations;
Analyze current threats and develop mitigation controls;
Support and develop the SIEM not only as a system, but as a process.