This is not an incident response position. Your goal will be to improve the performance of the SIEM every week by reducing false positives, improving detection, ensuring data is parsed correctly, optimizing integration, and improving reporting. As a member of our team, you will oversee the SIEM security systems for one of our key clients, ensuring the tools operate under optimal conditions.
Your daily tasks will consist of:
Engineering security monitoring tools
Managing and optimizing correlation rules
Identifying and implementing improvements to the SIEM platform
Managing configuration changes
Identifying and developing SIEM use cases
Developing collectors and connectors
Participating in security committees
Developing and improving procedures and playbooks
Producing performance reports and contributing to the continuous improvement of the service
Liaising with SIEM manufacturers regarding upgrades, the roadmap and best practices
WHAT DO WE NEED IN OUR TEAM?
For this position, we are looking for graduates with experience in SIEM solutions who are willing to work onsite at our client's offices in Paris.
You must have a solid foundation in Linux systems, networks, and log management.
We value certifications in SIEM solutions (QRadar/Splunk/Sentinel/ArcSight), Security+, or CISSP, as well as experience in SOAR, automation, and scripting (Python/PowerShell).
WHAT DO WE OFFER?
Hybrid working model and 8 weeks per year of teleworking outside your usual geographical area.
Flexible start and finish times, and intensive working hours on Fridays and in summer.
Personalized career plan development, training and language learning support.
National and international mobility. Do you come from another country? We can offer you a relocation package.
Competitive compensation with ongoing reviews, flexible compensation and discounts on brands.
Wellbeing program: Health, dental and accident insurance; free fruit and coffee; physical, mental and financial health training, and much more!