Position title
SIEM Support Engineer (Arcsight and Elastic)
Description

We are seeking a highly motivated and detail-oriented SIEM Support Engineer to join our team in Lagos, Nigeria. As a crucial member of our Support team, you will play a key role in supporting, maintaining, and enhancing our security information and event management (SIEM) infrastructure built on ArcSight and Elastic.

Responsibilities

SIEM Support and Maintenance:

  • Provide day-to-day operational support for both ArcSight and Elastic SIEM platforms, ensuring optimal performance and uptime.
  • Troubleshoot and resolve issues related to log collection, data ingestion, and rule execution.
  • Maintain accurate and up-to-date documentation for SIEM configurations and procedures.

ArcSight and Elastic Expertise:

  • Possess in-depth knowledge of ArcSight and Elastic SIEM platforms, including their functionalities, configurations, and best practices.
  • Stay informed about the latest updates and features for both platforms to ensure continuous improvement and optimization.
  • Assist customers with complex SIEM configurations and incident investigations when needed.

Log Management:

  • Monitor log sources and security events generated by both SIEM platforms for potential threats and anomalies.
  • Analyze and investigate suspicious activities, escalating critical issues to senior engineers for further action.
  • Contribute to the development and maintenance of log management policies and procedures.

Security Incident Response:

  • Participate in the incident response process by providing technical support and analysis of security events from both SIEM platforms.
  • Assist with containment, eradication, and recovery efforts as required.

Rule and Content Development:

  • Create and customize correlation rules to identify and respond to security incidents.
  • Develop and enhance content to enrich the detection capabilities of the ArcSight and Elastic platforms.

Collaboration and Communication:

  • Collaborate effectively with the SOC team, IT teams, and other stakeholders to ensure smooth operation and efficient security incident response.
  • Communicate clearly and concisely, both verbally and in writing, to document issues, solutions, and recommendations.
  • Continuous Learning:
  • Proactively stay updated on the latest cybersecurity threats, SIEM technologies, and industry best practices.
  • Participate in training and development opportunities to enhance your skills and knowledge.
Qualifications
  • Bachelor’s degree in computer science, Information Technology, or a related field.
  • 2 years’ experience as an Elastic or ArcSight Engineer or in a similar role.
  • Relevant certifications such as ArcSight ESM Administrator or equivalent

Competencies

  • In-depth knowledge of Elastic SIEM, ArcSight ESM, Logger, Connectors, and other related components.
  • Strong understanding of cybersecurity principles, threat detection, and incident response.
  • Experience in scripting (e.g., Python, PowerShell) for automation and customization.
  • Excellent communication and collaboration skills.
  • Ability to work independently and as part of a team in a fast-paced environment.
  • Reporting Line: MD, Business Services and Operations
Employment Type
Full-time
Job Location
Lagos, Nigeria
Date posted
March 27, 2024
PDF Export
Export as PDF
Close modal window
Position: SIEM Support Engineer (Arcsight and Elastic)
Grade*

Agreement

*Required fields

Loading...

Thank you for submitting your application. We will contact you shortly!