Senior SIEM Engineer
The role of Cyber Defense Consultant is a senior-level role, combining the ability to understand our customers' strategic and business needs with deep technical knowledge of security operations processes and technologies.
Security Information and Event Management (SIEM) is one of the key focus solution areas within the Cyber Defense capability. The Cyber Defense Consultant will help to build and drive SIEM business, providing specialist advice and consultancy across the business and as part of sales engagement with external and internal customers. From a Security Operations Center (SOC) perspective, the ideal candidate will have knowledge of how SOCs are designed and configured based on customer requirements.
The Consultant will be required to work on and lead the SIEM architecture and design of major projects for clients, as well as partner within the wider practice to support SOC design and implementation. We are seeking an innovative and motivated consultant who, under general direction and with a high level of autonomy, uses extensive knowledge and skills obtained through education and experience to perform the necessary architecture, analysis and design tasks related to the development of SIEM configurations, use cases and operational models or specific security solutions to meet the customer's requirements, and who understands how SIEM solutions support SOCs.
The Consultant will be required to work on multiple client accounts and must have the ability to develop and present secure solutions to leadership and technical teams. In addition, the consultant will be required to lead and assess risks imposed by technical solutions and advise clients of security standards, best practice and solutions relating to SIEM and SOC solutions.
Key Responsibilities
• Close collaboration and driving of SIEM/SOC business supporting sales, presales, consulting, and partners in order to support our clients from proposal to delivery
• Serves as a SME for the Asia region and coordinates the SIEM activities of junior colleagues and associates as requested
• Able to articulate the business benefits of SIEM to business/technical customers as appropriate, helping them to identify potential future opportunities and bringing them to the attention of people who can commit the required resources to realize those benefits. They always stay on message but are aware of new ideas/products and ready to suggest innovative new markets that DXC
• Ability to prepare SIEM documents and presentations in such a way that they are easily understood by the appropriate audience
• They will demonstrate personal flexibility and focused delivery to ensure the delivery of quality solutions and increase customer satisfaction
• Has SIEM industry awareness including market leaders and key business drivers
• Shares knowledge within the SIEM/SOC community
• Documents feedback and lessons learned from customer engagements so that DXC colleagues can benefit from this knowledge and be alerted to potential new opportunities
Qualifications/Skills
• Bachelor's degree in Computer Science, Engineering, or related field or equivalent work experience. May hold Master's or advanced degree in related field
• 8+ years of professional experience
• Experience in architectural design and project led implementation of SIEM solutions
• Has demonstrated ability to coach others in the gathering of requirements, designs, plans and estimates
• Expert knowledge of ArcSight, LogRhythm, Splunk and IBM QRadar required (configuration, troubleshooting, design and their relative merits); comparable knowledge of products from other leading SIEM vendors helpful
• Contemporary base operating systems and major database platforms architectural knowledge for enterprise environments
• Demonstrates broad knowledge in other technical areas to properly manage complex integration efforts
• Appreciation of the business drivers demanding a SIEM solution
• Understanding of legislative demands and compliance requirements mitigated through SIEM
• Understanding of the additional enabling features achieved from an effective SIEM solution
• Experience of the supporting policy, procedures and practices required to deliver and maintain an effective operational SIEM solution - at the customer or through a service
• Able to communicate confidently with internal and external senior management and demonstrate professionalism
• Ability to adapt a consulting style appropriate to the situation and to identify up-sell opportunities
• Ability to demonstrate a broad understanding of market dynamics, an industry area, commercial issues, and technical concerns whilst maintaining depth in SIEM/SOC focus area
• Is a specialist in SIEM from either a Management or Technical perspective, capable of understanding and resolving complex SIEM issues.
• Operational experience as an analyst, operations lead, incident responder or SOC manager in a Security Operations, Cyber Defense or Threat Intelligence Centre is helpful
Professional certifications
• CISSP, CISA, CISM
• Other certifications related to SIEM and/or incident response (e.g. SANS GCIH, OSCP, ECSA, or GCIA).