Cyber Security Engineer
RealTime are looking for a Cyber Security Engineer to support the technologies used for security threat monitoring, detection, event analysis and incident reporting for the cyber security team.
- Responsible for the configuration and management of enterprise security log sources into the SIEM.
- Support onboarding and maintenance of a wide variety of data sources, including OS, appliance, and application logs.
- Create queries, dashboards, and visualizations to support requirements.
- Analyse indicators of compromise (IOCs) and build on them to drive threat hunting.
- Experience managing endpoint security products (AV and EDR).
- Security analysis/assessment and reporting of applications/services.
- Proactively investigate host, network, and log-based security events.
- Analyse current client security procedures and propose improvements.
- Provide risk assessment reports on threats, solutions, emerging technologies, etc.
- Support IT and security audits, cyber security reviews, network security testing, etc.
- 5 years' IT experience, including 4 years in cyber security and 3 years using a SIEM.
- Strong knowledge of Splunk, including Splunk Enterprise Security, as a SIEM.
- Log management and analysis of security appliances, aggregating multiple data sources (e.g. web, mail, firewall, AV). Experience integrating endpoint security and host-based intrusion detection solutions.
- Cyber incident management.
- Strong understanding of security appliances/solutions, including IPS and next-generation firewall filtering.
- Advanced knowledge of Windows Operating System architecture and internals.
- Strong knowledge of core Information Technology concepts such as TCP/IP networking, Active Directory, Unix/Linux, Cloud Service Providers.
- Detailed knowledge of global cyber threats, threat actors, and the tactics, techniques and procedures used by cyber adversaries.
- Good knowledge of machine learning in cybersecurity.
- Good understanding of log collection methodologies and aggregation techniques.
- Understanding of network architecture (OSI model).
- Strong knowledge of and experience with security standards and frameworks such as ISO 27001 and NIST.