Website Hewlett Packard Enterprise
You’re driven to produce high quality in all that you do. You strive to understand the purpose behind the work you do to ensure the outcome brings the intended value to the people you serve. Technology intrigues you. You are motivated to learn new things and implement creative solutions in order to overcome challenges. You are comfortable with asking question, learning from mistakes, and supporting your team to do the same. Understanding that some ambiguity is always present and navigating through it doesn’t deter you from pressing forward to improve the environment around you while encouraging others to do the same. If this describes you, please consider this opportunity for a Security Information and Event Management (SIEM) engineer.
How you’ll add value:
- Collaborate with Cyber Defence Center and Advanced Threat teams to maintain, create new, or enhance existing SIEM rules, reports, and dashboards in order to present actionable alerts.
- Support security operations by maintaining SIEM infrastructure; monitor metrics for efficiency and effectiveness; assisting with software and hardware updates/patches/upgrades; create and maintain system documentation; follow change control processes; participate in on call support rotation; and provide timely troubleshooting and resolution of technical matters.
- Engineer SIEM ingestion of log data from various monitored device types as well as multiple intelligence sources.
- Integrate SIEM operation with other security tools to maximize automation of routine activity to speed response and remediation.
- Monitor SIEM alert outcomes and collaborate with other teams in an effort to increase alert fidelity and continuously adapt to the changing threat landscape.
- Strong self-motivation and time management
- Excellent written and verbal communication skills required
- Solid understanding of IT and security such as:
- Networking operating systems and concepts
- IP addressing and subnets
- Common ports and protocols
- Mastery knowledge various network and security infrastructure interoperation
- Network security controls (e.g. firewalls, proxy, IPS/IDS) and dataflow
- Database operations
- Active Directory
- Understanding of common Linux and Windows administration
- Familiarity with SQL and Regular Expressions
- Intermediate understanding of various code/scripting languages.(e.g. C, Java, python, bash)
- Experience developing SIEM correlation rules
- Bachelor’s Degree in Information Technology, Information Security/Assurance, Engineering or related field of study; or at least 5 years of related experience and/or training; or equivalent combination of education and experience preferred
- Minimum 3 years of ArcSight (or other SIEM) administration, configuration and management
To apply for this job please visit careers.hpe.com.