Specialist Cybersecurity Infrastructure Support

Description:

Our client is looking for a Specialist Cybersecurity Infrastructure Support. This individual will identify, analyze and react to security incidents, events, and threats using a reliable set of operating processes and SIEM technologies such as Azure Sentinel, or QRadar, or ArcSight. He will support the architecture, deployment, management, and maintenance of these SIEM platforms. It’s a 6-month contract.Grade 12Relevant OEM or vendor certifications, such as SIEM technologies like ArcSight, AWS, Azure Sentinel, or QRadar.Minimum of 7 years’ experience (4) years of work experience in information security and cybersecurity and (3) years of relevant experience as a specialist in Cybersecurity Infrastructure Support.Experience with a ticketing system such as BMC Remedy.Basic Linux and Windows Server experience.Experience working with virtual environments.Extensive expertise in installing, maintaining, and supporting SIEM technology and its component systems.Experience working with IP networking, networking protocols, and understanding of security-related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail, and access-lists.Experience with internet, web, application, and network security techniques.Experience with relevant operating system security (Windows, Solaris, Linux, etc.)Experience with leading firewall, network scanning, and intrusion detection products and authentication technologies.Adheres to the standard operating procedure and playbooks in the SOC.Monitor the environmental stability of the SIEM platforms, manage the health of log collection methods, facilitate SIEM change requests, and manage the scheduled SIEM platform upgrades.Support SIEM architecture changes, tool deployments, and advanced content development.On-board new data sources, create new custom parsers, and build custom connectors for data collecting, parsing, and mapping.Develop and integrate use cases for business applications, gather use case requirements and develop solutions for the SOC Team, and fine-tune existing rules feeding into the security monitoring and response process.Responsible for configuration, implementation, testing, and performance enhancements for SIEM technologies, with a preference for ArcSight appliances, Azure Sentinel, or QRadar.Build and maintain operational documentation to support the SIEM platforms, write and maintain process documentation, and create, maintain, and implement detailed documentation and standard operating procedures.Apply open source and commercial threat intelligence feeds into the SIEM.Assist in the response to cybersecurity incidents, providing technical expertise and support.Ensure that all systems and networks comply with applicable cybersecurity policies and standards.Provide support on a weekday business hours scheduled, also responsible for on-call, extended hour, and weekend support as required by mission or emergencies.