Security Information & Event Management Correlation Engineer
Oslo, Norway Events
Job description
Engage with the biggest companies, go up against the most sophisticated security challenges and connect with talented and creative minds. What makes security so exciting is that it's never static. Techniques that worked last year no longer work, which makes a role with IBM Security essential, fast paced and exciting. IBM Security is focused on developing top talent and industry leading skills.
We are growing and looking for a SIEM Correlation Engineer to support a variety of exciting projects across all industry sectors. The SIEM Engineer role calls for a proven record in the industry with experience in one or more areas of SIEM Tools. You will act as subject matter expert in the area of SIEM and is responsible for hands on implementation of the QRadar SIEM solution.
The SIEM Engineer has the following responsibilities:
· creates, modifies and tunes the system rules to adjust the specifications of alerts and incidents.
· creates scheduled reports, integration of the SIEM with multiple systems and on-boarding of the log sources.
· ensures conversion and configuration of the use cases to SIEM rules.
· performs maintenance and administration (software updates, troubleshoot issues etc.) of the SIEM components.
· contributes in reqiurement gathering, PoCs during sales process. You will work with customer or IBM's designated personnel to provide continual correlation rule tuning, prioritization recommendations, report query adjustments, and various other configuration activities in order to help customer fully optimize the SIEM system capabilities.
Work location: Oslo or Stockholm.
Are you our next Security colleague? Apply now with your CV and cover letter.
Auto req ID
111333BR
Required Education
Bachelor's Degree
Role ( Job Role )
Security Specialist
State / Province
OSLO
Primary job category
Technical Specialist
Contract type
Regular
Employment Type
Full-Time
ERBP
Yes
Is this role a commissionable/sales incentive based position?
No
Travel Required
Up to 50% or 3 days a week (home on weekends - based on project requirements)
IBM Business Group
Security
Preferred Education
Master's Degree
City / Township / Village
OSLO
EO Statement
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Required Technical and Professional Expertise
· At least 3-4 years of experience in supporting security technologies of which at least 1-2 year of SIEM related.
· Has knowledge of SIEM and its ability to integrate and absorb data form associated security technologies and it's role in a Security Operations Center.
· Knowledge of TCP/IP communication and flow (netflow) technologies.
· Hands on experience on QRadar SIEM deployment, configuration and maintenance is highly desired.
· Experience of integrating the SIEM with other systems (Vulnerability scanner, AD, etc.)
· Experience of on-boarding of the log sources.
· Experience and capability of translating business driven Use case to SIEM rules on the QRadar
· Has working knowledge of the Unix and Windows platforms
· Has understanding of information security across multiple security domains such as Identify and Access Management; Application and Data security; Infrastructure and Endpoint; as well as the inter-relationships between major components.
· Fluency in one of the Scandinavian languages
Country
Norway
Preferred Technical and Professional Experience
· SIEM (QRadar) certification is preferred.
· Experise in Security Operations Center environment covering people, process & technology components.
· Knowledge and work experience using ITIL.
· Good documentation, communication and presentation skills.
· Work experience in complying to regulatory requirements.
Secondary Job Category
Technical Solutions Support Specialist
Eligibility Requirements
Projects are based across the Nordic countries, often on client premises, so the ability and willingness to travel is an essential requirement.
Position Type
Professional
New Collar Role
No