SIEM Use Case Consultant / Security Consultant


Premium Job From Experis IT

Recruiter: Experis IT

Listed on: 2nd July 2021

Location: London

Salary/Rate: £60000 - £90000

Type: Permanent

Start Date: ASAP

This job has now expired. Please search on the home page to find live IT jobs.

SIEM USE CASE CONSULTANT - Home Based - £DOE

MITRE, ATT&CK, Use Case, Qradar, Arcsight, Sentinel, Splunk

Working for a highly funded and agile company that is disrupting the global MSSP market, we are looking for multiple people to join a Use Case factory, from Analyst and Consultant to Design and Architect level. As part of that team we are looking for a SIEM Use Case Expert/Consultant who will lead customer workshops to identify the use cases required to secure the customer's environment.

You will be responsible for:

- Providing consulting services on business and cyber risk management.
- Directly lead, manage and get involved in conducting customer workshops for selection and design of use cases, use case value assessments, and mapping back to the enterprise business and cyber risk and the MITRE ATT&CK framework.
- Extensive background in Cyber Risk Management.
- Demonstrate how to map cyber risks to specific risk actuation techniques and Use Case based mitigation methods.
- Create Use Case specifications that include required log sources, detection logic, event flow architecture, event source configuration requirements, and response requirements to ensure that the impact of a technique is within acceptable limits.
- Conduct through a knowledge acquisition process and a series of workshops with customers.
- Work closely with customer service owner in carrying out risk / gap
- Work with use case analysts and advise the SOC on Use Case Requests and Use Case upgrades.
- Provide training to customer SOC analysts on the use cases and the response procedures.
- Identify areas for optimizing use cases and fine-tune threat detection logic.
- Provide support during the use case fine-tuning phase after handover to the SOC.

Must-have skills:

- Extensive experience in Information Security.
- Understanding of event logging and SIEM technologies (Qradar, Splunk, Azure Sentinel, Arcsight etc.).
- Thorough understanding of Risk Management principles (Risk Register, Cyber risks etc.).
- Fundamental understanding of Incident Management and Security Operations.
- Demonstrated process orientation and ability to manage complex tasks.
- Minimum 10+ years of experience in customer-facing roles.
- Strong communicator and fluent in English.

Desired skills:

- Any of the following certifications are a plus: CISSP, C|EH, CISA, CISM, C|CISO, GIAC, CompTIA Security+, NCSF, CCSP, GIAC (any).
- Analytical skills
