Accessibility Links
  • Job reference: RMS0202249

SIEM Consultant (L3)

  • Sector: Commercial
  • Location: Oman
  • Job type: Contract
  • Date posted: 11/11/2018
  • Duration: 1 year
  • Time left:
    d h m s
    (23/12/18)
Send jobs like this to my email    What's this?

The Role:
* shall provide on-site, on-call, and remote service and support as requested by the client to keep the IT in satisfactory secure operating condition.
* Understand cllient Network including LAN/WAN, network monitoring, network analysis, network tuning & optimization
* Ensure that all systems in an Organization are integrated with SIEM solution.
* Developing and implementing use cases for SIEM solution.
* Creating dashboards, reports and alerts
* Forensics investigation to figure out root cause behind incidents reported or escalated by L2 resource
* Defining customer requirements with a focus on Security Information and Event Management (SIEM) solutions at an Enterprise level
* Create custom connectors for SIEM
* Identify logging level requirements for each log source
o Create script for checking the logging level compliance
o Identify required log settings for OS, APP, DB's, Network & Security systems
* Create new rules for current and future heats
* Day to day monitoring of SIEM
o Ensure all alerts are handled in timely manner
o Ensure riskiest incidents are given priority and escalated to respective stakeholders
* Act as hunter looking for suspicious & anomalous activity
o Follow through, escalate and handle incident to resolution
* Ensure organization policy violations for access control & authentication are adhered to
* Create reports for daily / weekly activity/ monthly reports
* Ensure tasks are completed on time with minimal false positives
* Participate in daily monitoring incident calls
* Ability to be on stand-by on call and emergency onsite
* Identification and escalation of any breaches
* Develop and maintain an understanding of IT Security industry trends
* Continuously improve knowledge of current and emerging IT Security threats and vulnerabilities
Will support cross-organizational efforts, take part in on-call incident response rotation and respond to critical situations.

The Company:
Our client is a risk advisory firm.

Essential Skills / Qualifications:
Should have IBM Qradar experience.

About Fircroft:
Fircroft has been placing people in specialist technical industries for approaching half a century, focusing on mid to senior level engineers for contract and permanent roles worldwide. By applying for this job you give consent for Fircroft to contact you, via email & telephone, to discuss your application along with future positions and Fircroft's services.

Fircroft is registered as a Data Controller with the Information Commissioner as required under the General Data Protection Regulation 2016/679. Fircroft will only process your personal data for the specific purposes of managing your application.

Similar jobs
Nabila Shaikh
IT Storage Expert Location Dubai Duration permanent The Role: 1. The role of this position is to provide...
Zhala Ramazanova
SIDM Engineer Location Azerbaijan Duration 1 month The Role: * Installation of new VAS systems and applications...
Nabila Shaikh
Technology & Product Development Director Location Dubai Duration permanent The Role: Product development vision and strategy * Lead...

Back to Top

By clicking "Save" you consent to
receiving matching jobs based on the
job/page you are viewing by email from
Fircroft, as detailed in our privacy policy
Fircroft would like to keep you up to date with our current vacancies and latest company updates via email. Occasionally Fircrofts marketing may contain 3rd party or affiliate information, however we will not share your personal data with any 3rd parties without your consent. From time to time, we might contact you to get your views on the service you have received. To help you get the best out of Fircroft, we may personalise them based on your location and how you use fircroft.com
Fircroft would like to keep you up to date with the latest company updates and vacancies via SMS / Text messages
Your consent options above means that Fircroft cannot contact you about any new or alternative career vacancies. If you want Fircroft to only contact you about the role(s) you have applied for please continue, however if you would like to be considered for other positions please allow us to contact you by changing one or more of the above consent.