On behalf of Cyrebro, SD Solutions is looking for a talented SIEM Engineer who will be responsible for enhancing the SIEM ingestion and detection mechanisms to support the integration of new data sources into our detection engine.
SD Solutions is a staffing company operating globally. Contact us to get more details about the benefits we offer.
The engineer will work closely with, and be guided by, the team's senior researchers on how to perform an in-depth analysis of the incoming event data from the various integrations, with the aim of creating detection rules that alert on suspicious and malicious activity in our clients' organizational networks.
Responsibilities:
- Configure the SIEM data ingestion mechanism, i.e. data source event data parsing and mapping.
- Develop SIEM detection rules for newly introduced data sources.
- Tune existing SIEM rules based on clients' and monitoring team requests.
Requirements:
- Familiarity with domain environments, common systems, and tools.
- Familiarity with common security tools, e.g., EDR, IDS/IPS, WAF, etc.
- Proven experience with SIEM systems.
Advantages:
- Experience with IBM QRadar.
- Experience in creating reports, guides, and playbooks.
- Programming skills (Python, PowerShell).
About the product:
Cyrebro is an online cybersecurity central command: a managed SOC that integrates all security events with strategic monitoring, proactive threat intelligence, and rapid incident response. The platform makes it easy to see and maintain an accurate and meaningful picture of your cyber security posture in one centralized platform.
Cyrebro also simplifies cybersecurity with full, rapid clarity for even the most complex situations, so that the right business decisions can be made quickly. It also radically reduces investigation time into malicious attacks from days to hours, and from minutes to instant. 93% of attacks compromise systems within minutes.
Cyrebro’s Research team is responsible for analyzing and characterizing new emerging threats and trends in the cyber security field.