SKILLS

- Understanding of Apache NiFi.
- Experience working with Big Data platforms and non-relational databases.
- Knowledge of Hadoop.
- Knowledge of Azure and AWS fundamental resources.
- Excellent understanding of, and proven hands-on experience in, SIEM concepts such as correlation, aggregation, normalization, and parsing.
- Experience with deploying and managing a large SIEM deployment.
- 4+ years of implementation experience with SIEM systems (such as Splunk, ArcSight, QRadar).
- Python and Unix shell scripting skills.
- Excellent communication skills.
- System administration experience in Windows and Unix environments.
- Experience working in large enterprise environments.
- MS Office skills.
- Basic understanding of Vulnerability Management (Saint Vulnerability Scanner).
- Understanding of enterprise logging standards, with a focus on application logging.
- Knowledge of content creation concepts and best practices.
- Understanding of regular expressions and development of custom/flex parsers.
- Understanding of events, related fields in log records, and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies.
- Understanding of web application architectures and web services.
- Knowledge of programming and scripting languages to automate tasks and manipulate data.
- Experience integrating solutions in a multi-vendor environment.
- Experience developing data analytics and anomaly detection algorithms.

JOB RESPONSIBILITIES

- Log collection and ingestion into our MDR platform from various network devices (such as firewalls, switches, routers, proxies, IPS, WAF, etc.), servers, and cloud resources.
- Log collection via ArcSight, NiFi, and Logstash.
- Log analysis for onboarded devices, taking the necessary steps to fix any issues observed.
- Preparing technical documents with integration architecture information and pictorial representations.
- Exploring various approaches for log collection and documenting them after successful completion and validation.
- VM creation and deployment in the customer environment.
- Manage, develop and tune the scripts that integrate SIEM
- Create technical documentation around the content deployed to the MDR platform.
- Develop the specific content necessary to implement security use cases and transform it into correlation queries, templates, reports, rules, alerts, dashboards, and workflows.
- Develop advanced scripts for manipulation of multiple data repositories to support analyst requirements.
- Engineer, configure and deploy enterprise SIEM/SEM solutions.
- Collaborate with application owners to define and establish logging standards that address various governance requirements.
- Travel to client sites may be required.

QUALIFICATIONS

- Bachelor's/Master's degree.
- Certifications preferred: CISSP, SANS GCIA, CCMSE NGX, RHCE, ITIL, vendor-specific certifications.
- 10+ years of work experience in a similar role.

If you wish to apply for this position and be part of this high-reaching and dedicated team, and also improve and grow your experience by participating in international projects, please visit our careers page, select Romania as the country, and complete our online application form.

We are a company that cares about employee happiness as well as company growth. Atos offers not only a challenging and exciting workplace, but also a rewarding work experience, with competitive compensation and benefits packages:

- Training and certifications: ongoing in-depth training with current and emerging products and technologies.
- Flexible benefits: medical program, sports benefits, lunch vouchers, mobile phone, laptop.
- Compensation: competitive salary package.
- Extra vacation days.

For more information, access the Career section of our website!
Implementation Lead in Bucuresti