Position title
SIEM Support Engineer (ArcSight and Elastic)
Description

We are seeking a highly motivated and detail-oriented SIEM Support Engineer to join our team in Lagos, Nigeria. As a crucial member of our Support team, you will play a key role in supporting, maintaining, and enhancing our security information and event management (SIEM) infrastructure built on ArcSight and Elastic.

Responsibilities

SIEM Support and Maintenance:

  • Provide day-to-day operational support for both ArcSight and Elastic SIEM platforms, ensuring optimal performance and uptime.
  • Troubleshoot and resolve issues related to log collection, data ingestion, and rule execution.
  • Maintain accurate and up-to-date documentation for SIEM configurations and procedures.

ArcSight and Elastic Expertise:

  • Possess in-depth knowledge of ArcSight and Elastic SIEM platforms, including their functionalities, configurations, and best practices.
  • Stay informed about the latest updates and features for both platforms to ensure continuous improvement and optimization.
  • Assist customers with complex SIEM configurations and incident investigations when needed.

Log Management:

  • Monitor log sources and security events generated by both SIEM platforms for potential threats and anomalies.
  • Analyze and investigate suspicious activities, escalating critical issues to senior engineers for further action.
  • Contribute to the development and maintenance of log management policies and procedures.

Security Incident Response:

  • Participate in the incident response process by providing technical support and analysis of security events from both SIEM platforms.
  • Assist with containment, eradication, and recovery efforts as required.

Rule and Content Development:

  • Create and customize correlation rules to identify and respond to security incidents.
  • Develop and enhance content to enrich the detection capabilities of the ArcSight and Elastic platforms.

Collaboration and Communication:

  • Collaborate effectively with the SOC team, IT teams, and other stakeholders to ensure smooth operation and efficient security incident response.
  • Communicate clearly and concisely, both verbally and in writing, to document issues, solutions, and recommendations.

Continuous Learning:

  • Proactively stay updated on the latest cybersecurity threats, SIEM technologies, and industry best practices.
  • Participate in training and development opportunities to enhance your skills and knowledge.

Qualifications

  • Bachelor’s degree in Computer Science, Information Technology, or a related field.
  • 2 years’ experience as an Elastic or ArcSight Engineer or in a similar role.
  • Relevant certifications such as ArcSight ESM Administrator or equivalent.

Competencies

  • In-depth knowledge of Elastic SIEM, ArcSight ESM, Logger, Connectors, and other related components.
  • Strong understanding of cybersecurity principles, threat detection, and incident response.
  • Experience in scripting (e.g., Python, PowerShell) for automation and customization.
  • Excellent communication and collaboration skills.
  • Ability to work independently and as part of a team in a fast-paced environment.

Reporting Line: MD, Business Services and Operations
Employment Type
Full-time
Job Location
Lagos, Nigeria
Date posted
March 27, 2024