SIEM Security Consultant
Integrity360 is the largest specialist IT security consultancy in the country. We secure the networks, infrastructures and information of some of the leading companies in both Ireland and the UK. We are passionate about what we do, and any new recruit must be too. Integrity360 is currently expanding at a rapid rate – could you be the newest member of our team? We are fun and dynamic and believe in constant learning and development. Progression is a typical buzzword within the organisation.
Key Areas / Responsibilities:
Work as part of a SIEM (Security Information and Event Management) team that will allow the remote monitoring of the security posture of remote clients. Integrity Solutions' SIEM solution is fully developed but now needs field consultants to install and manage the SIEM solution on remote client sites. The solutions will gather information from defined customer devices that will allow trending of issues and aid in the troubleshooting of incidents. These solutions will allow customers to manage and maintain their devices either by in-house monitoring or via remote monitoring from the Integrity Solutions Security Operations Centre (SOC). Some of the tools that would be utilised in this role are:
- LogRhythm
- RSA enVision
Problem solving and troubleshooting in a technical environment on customer sites are key attributes. The capacity to document the project design and plan, so that the customer has a clear understanding of the deliverables, is of vital importance.
The role requires flexibility and the ability to work extra hours when the business calls for it. A good knowledge of Information Security is required for this role.
- A process of on-going certification for the benefit of the business and for self-development is encouraged.
- Travel may be required as part of this role, and as such a clean driving license and access to a car are essential.
The following qualities will be necessary for the role:
- The ability to demonstrate a dynamic interest in solving information security issues; analytical ability to break down problems into constituent parts; flexibility to handle several information security issues simultaneously.
- The ability to communicate well and demonstrate a good understanding of customer issues together with the aptitude to develop a natural empathy with customers in relation to their business requirements.
- The ability to work in a team environment and on your own initiative and the desire to work on escalated issues from other team members.
Experience in any Security Information and Event Management (SIEM) solution would be a distinct advantage.
Qualification in Splunk would be very beneficial.
- Development experience in the areas of Regex, XML, shell scripting.
- Scripting experience in Python, Perl or Django is essential.
- General programming knowledge would be of benefit.
- Strong Working Knowledge of Linux, Solaris and Windows Operating Systems.
- Syslog experience.
- Operating System device logging, logging software application.
- Conceptual knowledge in Networks and Network Security.
- IDS/IPS – McAfee, Sourcefire, TippingPoint, Juniper. Analysing events and performing updates.
- Knowledge of network devices such as firewalls (Check Point, Cisco, Fortinet) and content filtering (Websense, Blue Coat, IronPort).
- TCP/IP, Routing, L2/L3 Switching.
- Aptitude for solving problems and acting on own initiative.
- Highly motivated with a willingness to learn new technologies.
- Effective communicator with a positive and confident attitude, both in writing and verbally.
- Good writing skills with the capability to create well-formatted, grammatically correct documents.
- Fluent English speaker.
- A strong team player with a flexible approach.
- Can demonstrate consistency in their work attitude.