SIEM Engineer
Afiniti
Karachi, Pakistan
6d ago

Who are we? Afiniti is the world’s leading applied artificial intelligence and advanced analytics provider. Afiniti Enterprise Behavioral Pairing™ uses artificial intelligence to identify subtle and valuable patterns of human interaction in order to pair individuals on the basis of behavior, leading to more successful interactions and measurable increases in enterprise profitability.

Afiniti operates throughout the world, and has measurably driven billions of dollars in incremental value for our clients.

Purpose Afiniti is seeking to hire an innovative and motivated individual, who under general direction can work with a high level of autonomy, uses knowledge and skills obtained through education and experience to perform the necessary assessment, analysis and tasks related to specific regulations, industry standards and / or a customer’s unique requirements.

A qualified candidate will primarily be working on managing and utilising the Afiniti SIEMS to their full extent (Enterprise & Client facing) so the SIEMS operate and exceed industry best practices where Afiniti achieves maximum value from these systems.

Specific responsibilities include the implementation of best practices, determine specific use cases and fully integrate the solution into the environment and workflow.

The candidate will need to have experience in a variety of technologies including networking devices, security devices, operating systems, and databases etc Key Responsibilities

  • Developing and implementing SIEM solution internally and as well for clients and / or candidates who have strong experience in assessing and implementing SIEM and other operational tools and processes for a Security Operations Centre (SOC)
  • Develop content for a complex and growing SIEM infrastructure. This includes use cases, dashboards, active channels, reports, rules, filters, trends and active lab sessions
  • Use SIEM in the daily operational work and workflow of the end customer
  • Administer SIEM software platform.
  • Monitor SIEM and other event sources, assess, prioritize and escalate and manage security alerts.
  • Perform analysis of security, network database and application logs, correlate events and activities to create threat scenarios in order to get ahead of threat actors and reduce the exposure
  • Lead the imminent threat / zero-day response function across the environment
  • Translate threat intelligence into actionable security across tools such as firewall, IPS and malware detection across multiple security vendor platforms
  • Track and resolve security incident tickets and collaborate with other teams for resolution.
  • Must have some experience building custom connectors / parsers etc. to point devices or IT assets that are not supported out of the package
  • The ideal candidate will have

  • 2 to 5 years of professional experience
  • System security and SIEM implementation experience
  • In-depth experience and understanding of Security Event Management both from a technology / tool as well as process perspective
  • Demonstrated knowledge of TCP / IP networking and major protocols such as : HTTP, SSL / TLS, DNS, SMTP
  • Demonstrated experience and expertise with several of the following technology competencies with SIEM, vulnerability scanning tools (Nexpose, Metaspolit), File Integrity Monitoring, and Data Loass Protection etc.
  • Development of security scripts in Powershell or Python for areas such as : automated detection and scanning capabilities
  • Network stream analysis using PCAP data and packet reconstruction
  • Experience executing on a defined Incident Response Frameworks and Handling Procedures such as NIST, SANS.
  • Current knowledge of security threats, solutions, security tools and network technologies
  • An understanding or proficiency in information security and compliance regulations (ISO 27001, PCI DSS, GDPR, SSAE-18 SOX)
  • Keen ability to diagnose and troubleshoot technical issues, excellent problem solving skills
  • Fluency in English, written and spoken is a must
  • Excellent documentation skills
  • Must be able to work independently, and also a team player
  • You may be required to travel on need basis
  • Education & Qualifications

  • Bachelor’s Degree in an IT related discipline
  • CEH CHFI IBM Q-Radar or similar security related certification
  • In lieu of certifications, at least 2 years of information security, auditing or risk management experience
  • Salary & Package

    As well as a competitive base salary dependent on the number of years of experience, we also offer Corporate benefits.

    Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form