Security Engineer – Sentinel / QRadar SIEM Engineer

Kuwait

Scope of Work:

  • Assist in the implementation and management of Security Information and Event Management (SIEM) solutions to support security monitoring and threat detection efforts.
  • Collaborate with senior team members to configure data sources, connectors, and log collectors for effective data ingestion into the SIEM platform.
  • Learn to develop and maintain correlation rules, alerts, and dashboards to identify anomalies and potential security incidents.
  • Participate in requirements gathering sessions with cross-functional teams to customize SIEM use cases according to security needs.
  • Monitor SIEM dashboards and alerts, learning to identify and respond to security events and incidents in a timely manner.
  • Contribute to the analysis of security logs and events, assisting in investigating suspicious activities and identifying patterns.
  • Provide support to Tier-2 and Tier-3 analysts by offering preliminary analysis and contextual information for escalated incidents.
  • Collaborate with senior engineers to review SIEM performance, assisting in fine-tuning configurations and rules for improved accuracy.
  • Stay informed about evolving threat intelligence and security trends, integrating insights into SIEM rule refinement.
  • Learn to assist in incident response activities, contributing SIEM log data for investigations and resolution.
  • Work with IT teams to ensure proper data collection and normalization from various sources to enhance analysis.
  • Support the creation and maintenance of documentation, playbooks, and procedures related to SIEM operations.
  • Participate in security assessments and audits under the guidance of senior team members to evaluate SIEM effectiveness.
  • Engage in training opportunities and knowledge-sharing sessions to expand understanding of SIEM functionalities.

Skills

Qualification:

  • SIEM Platforms (e.g., Splunk, QRadar)
  • Log Management
  • Scripting (Python, PowerShell)
  • Data Correlation
  • Event Visualization
  • Networking Protocols
  • Security Event Monitoring

Certification (Optional but beneficial):

  • CompTIA Security+
  • Cisco Certified CyberOps Associate
  • LogRhythm
  • IBM QRadar
  • Microsoft Certified: Cybersecurity Architect Expert

Post date: Today
Publisher: Bayt