Cantaloupe Consulting

SIEM Specialist

Job Description:

Information Security - SIEM Specialist

A reputable bank is looking for a SIEM specialist who will be responsible for end-to-end administration of the ArcSight SIEM. The job functions will include, but are not limited to:

1. Conduct meetings with application owners and validate integration details, then raise Change Requests to fulfil the network prerequisites. Review the details for sign-off with the Group Information Security team.
2. Participate in the development, testing and deployment of FlexConnectors to integrate application logs with the ArcSight SIEM, in Production and DR.
3. Configure ArcSight as per best practices and ensure the tools are fully compliant with security standards (ISO 27001, PCI DSS, etc.).
4. Upgrade all SIEM components (ESM, Logger, Connectors and Console) to the latest version.
5. Perform in-depth log analysis to create use cases based on observed anomalies.
6. Perform in-depth incident analysis and escalate to the concerned team.
7. Implement the new networking, hardware, operating systems and infrastructure applications for the ArcSight platform.
8. FlexConnector development for in-house/custom applications, non-standard devices, etc.
9. Automate or perform the configuration backup of ArcSight components (Logger, ESM, etc.). Regularly check and back up the Logger event archives to NAS and to tape.
10. Hold recurring interactions with the SOC team on monitoring enhancement. Conduct regular false-positive analysis on the existing content and raise incidents for non-compliant cases observed.
11. Define monthly/quarterly reports and trends as per internal team requirements. Develop and enhance security device rules, queries, filters, dashboards, reports, channels and custom active lists.
12. Consult with IR staff and threat hunters to design and develop custom detection content.
13. Ensure the integrated logs do not contain sensitive information (e.g. cardholder data covered by PCI DSS) in readable form.
14. Perform daily SIEM health checks and troubleshoot any issues found.
15. Perform manual log analysis to validate the logs and categorize events. Maintain documentation.
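The FlexConnector and data-masking duties above (items 2, 8 and 13) amount to one small pipeline: a regex that tokenises an unsupported application's log format, plus a scrub step so that cardholder data never reaches the Logger in readable form. The following Python script is an added example written for this page; it is not ArcSight code and not from the posting. The log format, field names and sample lines are constructed, and the card numbers are publicly known test values. A real FlexConnector would carry the same expression in its regex properties file and map the capture groups to CEF fields; the script stands in for that so the logic can be run offline.

```python
import re
from typing import Optional

# Constructed sample events from a hypothetical in-house payments application
# (assumed format, not a real device). The card numbers are public test values.
SAMPLE_LOGS = [
    "2024-03-01T10:15:02Z app=payments user=alice action=charge card=4111111111111111 amount=120.00 result=OK",
    "2024-03-01T10:15:07Z app=payments user=bob action=charge card=1234567890123456 amount=15.00 result=DECLINED",
    '2024-03-01T10:15:09Z app=payments user=carol action=login result=FAIL msg="retry with 5555555555554444"',
]

# Tokeniser for the assumed format. Named groups play the role of the
# token-to-field mappings a FlexConnector regex file would declare.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) app=(?P<app>\S+) user=(?P<user>\S+) action=(?P<action>\S+)"
    r"(?: card=(?P<card>\d+))?(?: amount=(?P<amount>[\d.]+))? result=(?P<result>\S+)"
    r'(?: msg="(?P<msg>[^"]*)")?$'
)

# Candidate PANs in free text: 13 to 19 digit runs, confirmed with Luhn below.
PAN_CANDIDATE_RE = re.compile(r"\b\d{13,19}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn check-digit validation, used to cut false positives in free text."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(pan: str) -> str:
    """Keep at most the first six and last four digits (the PCI DSS display limit)."""
    if len(pan) <= 10:
        return "*" * len(pan)
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def scrub_free_text(text: str) -> str:
    """Mask Luhn-valid digit runs in free text; other long numbers are left alone."""
    return PAN_CANDIDATE_RE.sub(
        lambda m: mask_pan(m.group(0)) if luhn_ok(m.group(0)) else m.group(0), text
    )


def parse_event(line: str) -> Optional[dict]:
    """Tokenise one line; returns None for lines the regex does not cover."""
    m = LINE_RE.match(line)
    if not m:
        return None
    event = m.groupdict()
    # A field known to carry a PAN is masked unconditionally: a value that fails
    # Luhn (a typo, a declined test card) is still cardholder data to the bank.
    if event["card"]:
        event["card"] = mask_pan(event["card"])
    # Free-text fields get the Luhn-gated scan so we do not blank out every long
    # number (transaction IDs, timestamps) that is not actually a PAN.
    if event["msg"]:
        event["msg"] = scrub_free_text(event["msg"])
    return event


def process(lines):
    """Return (parsed events, lines rejected by the tokeniser)."""
    events, rejected = [], []
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            rejected.append(line)
        else:
            events.append(ev)
    return events, rejected


if __name__ == "__main__":
    parsed, bad = process(SAMPLE_LOGS)
    for ev in parsed:
        print(ev)
    print("rejected:", bad)
```

The rejected list is deliberate: a line the tokeniser cannot parse should be counted and reviewed during the manual log validation in item 15, not silently dropped, since an unparsed line is also one the masking step never saw.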


Experience and Qualifications:

5 or more years in the information security field, specializing in SIEM deployment, preferably in a banking environment.
Good understanding of standards such as PCI DSS, PA-DSS, ISO 27001, NESA, etc.
Familiar with the ITIL framework and networking concepts (CCNA/CCNP level).
Effective communication and presentation skills.

Job Category: IT SIEM
Job Type: Full Time
Job Location: Dubai
