What do you do as a SIEM Specialist
As a SIEM Specialist you will manage customer SIEM solutions globally. This role is part of our Managed SIEM team in the Cyber Defense Center, where you and other SIEM specialists will securely enable the availability and performance levels of customer SIEM solutions. Daily tasks involve mitigating incidents, deploying changes, and maintaining and developing customer SIEM solutions through lifecycle management. You will be an important resource in our service delivery and an integrated part of our team.
How you will do this
You have a broad network, Linux and security foundation to build on, with a special interest in SIEM/log solutions as well as server administration. Your communication skills in Dutch and English are good, both spoken and written. You thrive on troubleshooting and see problem solving as an exciting challenge. You are also able to cope with stress and to work individually. We expect that you already live by our company values:
- Customer first
- Respect and trust
- Easy to do business with
- Highly innovative
What your day looks like
The morning starts off with a nice cup of coffee to get ready to check up on the alerts sent overnight by the infrastructure monitoring system. A server may have been down due to a hardware or networking failure. Usually these are easy to fix, but sometimes they require advanced troubleshooting and take up your entire morning. Whilst checking the alerts, a new ticket opens up in the SIEM monitoring work queue for an urgent issue related to the availability of a LogPoint appliance at a German customer’s production environment. This is critical for service delivery, and you dive right in. You identify that this issue is non-trivial and decide to contact the vendor’s premium support line. You coordinate the vendor’s support staff to solve this incident. After all, they don’t know the specific customer’s environment, but you do. After having a break, playing some pool and enjoying a nice lunch in the SecureLounge, you head back to your office. In the afternoon, you start working on some scheduled activities, such as monthly reporting jobs describing the overall health of the customer’s SIEM environment. When the report is done, you submit it to the designated account owner for review. While doing this, you receive a call from the internal Service Delivery Manager for this customer, who has received an urgent request with technical information related to an upcoming planned network change. You review the technical documents that are available for this customer and determine that the network change does not affect the delivery of the CDC’s services.
You will be part of the Managed SIEM team in the Cyber Defense Center. This international team consists of multiple engineers at multiple locations, including the Netherlands and Sweden. In the Netherlands, you will be working with 7 colleagues in different roles, including managed SIEM and security analysts.
“We are all IT experts who love to work with IT security. Our vision is to always act on new technology and to always be the best option for our customers”. Our customers include both government industries as well as some of the most renowned global brands in high-security industries such as banking, retail and insurance. These companies trust us to protect, manage and develop some of their most critical business infrastructure by providing traceability, measurability and visualization of IT security.
- Knowledge of SIEM solutions such as Splunk, LogPoint or QRadar
- Knowledge and experience of Windows and Linux Server operating system versions
- Knowledge of TCP/IP, Routing, Switching and Firewall policies
- Knowledge of Microsoft SQL and/or MySQL
- Experience with Python
Desired Experience; one of the following:
- CompTIA Network+ certified
- CompTIA Linux+ or similar Linux certification
- CompTIA Security+ certified
- Splunk Certifications
- LogPoint Certifications
- QRadar Certifications
Depending on your level of seniority, one of the above certificates is desired. As a junior SIEM specialist you should be prepared and willing to obtain said certificates.
What can you expect from SecureLink
Working at SecureLink will give you the chance to develop both personally and professionally. New challenges are our favorite challenges. SecureLink has an environment with a high rate of change, quick decision-making, combined with sensitivity to our employees. We believe that by providing an atmosphere where we try to have fun at work and love what we do, we will also get the best end results.
We offer a generous benefit package including a company car, pension plan, a financial bonus based on personal targets as well as company targets and much more!
SecureLink has been part of SecureLink Group since June 2016. SecureLink Group is the market-leading provider of cyber security infrastructure and managed security services in Europe. With more than 625 employees and 8 Operation Centers, acting out of seven countries and fourteen locations, we serve more than 1000 clients of various sizes across multiple industries to safely enable their businesses. SecureLink Group is currently represented in the Netherlands, Belgium, China, United Kingdom, Germany, Sweden, Norway and Denmark. The Group projects a revenue of 275 MEUR in 2017.
Ask anyone in our team why they joined SecureLink and they will reply the same way. We are all deeply passionate about cybersecurity and committed to innovating and perfecting the way we safely enable our customers’ business.