Security Analyst (Qradar)- Amsterdam, NL

JOB DESCRIPTION:

EXPERIENCE/SKILLS

8+ years' experience in delivering Enterprise SOC services for customers including Security Event Monitoring, Security Operations Services.

HARD SKILLS - - EXPERIENCE IN SIEM(QRADAR) SOLUTION USE CASE (RULES, FILTERS,BB )DEVELOPMENT.
- Experience in Security Event Monitoring process development and design for Enterprise customers.
- Good understand of Event Analysis, triage, categorization and event escalation processes working closely with remote SOC customers
- Good Experience in log analysis of Security Technologies such as Enterprise Firewalls, IPS, DLP, Email and Web Content filtering, Anti-Malware.
- Good Experience in Custom Parser Development (UDSM)

SOFT SKILLS - a) Excellent written and communication skills

b) Good documentation and presentation skills

ROLES AND RESPONSIBILITY

- Content (Use Case ) development on the SIEM platform based of the information provided by the Data Analyst (SOC)
- Creation of search queries, reports, dashboards as per functionality required and inputs from the Data Analyst (SOC)
- SIEM app installation based of requirements given by the application team and following sign-off by CUSTOMER
- Define correlation rules, alerts for near Real Time monitoring requirements

Activities

- Event source log collection status and trends ( Weekly )
- Health and performance metrics for SIEM ( Monthly )
- Support new content development into SIEM including ( Monthly ):
- New event sources integrated into SIEM
- Searches, queries, reports and associated dashboards deployed
- SIEM applications (available on SIEM's application store ) deployed