Job Offers
SIEM Content Specialist
Consulting / Advisory
You are self-motivated, energetic, driven for success and results-oriented. Your knowledge of security devices, system administration, security operations processes, incident management, professional services and the firm will help you to support delivery and execution of managed security services offered by Deloitte. You will also be a key player and part of a team providing world-class security operations capabilities for our clients and a capability aligned with our strategic direction and that helps the firm better deliver on new and existing engagements. This position will focus on supporting and maintaining the new and existing clients in the SOC.
Occasional travel to local clients will be required and there are also opportunities for travel nationally and globally if the candidate is interested. This position requires the ability to obtain Government of Chile and Canada "Secret" security clearance.
• Responsible for Content Development (rules, use cases, reports, queries, etc.) in SIEM (ArcSight, LogRhythm, and/or QRadar)
• Generate and implement rules based on specific client requirements
• Tuning/testing of content to reduce false positives within the SIEM
• Create documentation (playbooks) of all content created
• Provide input, direction and strategic decisions to help drive content decisions within the SIEM
• Ability to assess the content as a result of changes in the client environment
• Provide reports on a monthly basis or ad hoc, communicating the changes in the content in the SIEM platform
• Integrate threat intelligence from various sources into existing and new content
• Customize security content including filters/rules/report creation and vulnerability mapping
• Participate in workshops with clients to propose or present use cases
External Posting Qualifications
• Minimum of two (2) years of experience working within information security
• Minimum of one (1) year of SIEM Content Development experience
• Experience with SIEM technologies (e.g. ArcSight, LogRhythm, McAfee, QRadar, etc.)
• Strong working knowledge of security devices (IDS/IPS, Firewalls, Load Balancers, Routing & Switching)
• English proficiency excluding
• Three or more (3+) years of SIEM Content Development experience
• Advanced knowledge of security analytics, reporting and creative thinking
• Experience integrating new log sources and data correlation rules into the SIEM
• Three or more (3+) years of experience within the information security field
• One or more (1+) years of experience with Security Operations and Incident response
• Availability to travel 3 months to Canada
Launch your career with The One Firm where you can make a greater impact than you ever thought possible.
With endless opportunities at every turn, and a culture built to support and drive our people to be the very best they can be, Deloitte is The One Firm for you to learn, grow, create, and lead.
At Deloitte, we understand that everyone, and their career goals, are different. As a firm, we help create the conditions and opportunities that will enable our people to thrive – both professionally and personally. We do this by making three commitments to our people:
• You will lead at every level: We grow the world’s best leaders so you can achieve the impact you seek, faster.
• You can work your way: We give you the means to work how you want, and we have innovative spaces and the mindset to help you be wildly successful.
• You will feel included and inspired: We create a deep sense of belonging where you can bring your whole self to work.
Apply now and let us show you how to push your career to the next level at Deloitte. The One Firm. For You.
Deloitte is an inclusive employer dedicated to building a diverse workforce. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective provincial human rights codes throughout all stages of the recruitment and selection process. Please advise the Recruiter to ensure your accessibility needs are accommodated throughout this process. Information received relating to accommodation will be addressed confidentially.
We thank all applicants in advance for their interest; however, only those candidates selected for an interview will be contacted.
Experience in related positions
Written: High - Spoken: High - Translation: High