Description
Job description
For one of our clients in Frankfurt, we are looking for a Cyber Threat Analytics - Splunk & SIEM Developer to help with their ongoing project:
Project Description: The cyber security landscape has changed dramatically over the past few years with a record number of incidents and threats being reported. Attackers are rapidly becoming more sophisticated and threats are originating from all directions. The position is part of the Global Intelligence and Response Center’s Threat Operations function in xxx.
Role: Splunk & SIEM Developer
Responsibilities / Tasks:
Working with Cyber Intelligence, Analytics and Incident Response and our Engineering function to drive Cyber Security monitoring requirements forward, especially in relation to security monitoring/SIEM and Security Analytics
Developing our SIEM content (use cases, reports, network & asset model management, dashboards, rules/logic, documentation, process establishment)
Defining requirements for Splunk Engineering to meet our needs
Supporting integration of new log sources and parsing relevant logs
Producing reports and outputs to provide an accurate depiction of the current threat landscape and associated risk through the use of private, community, and open source reporting and our SIEM
Experience / Exposure (Technical Skills):
Good experience with Splunk and preferably Splunk Enterprise Security
Good experience in writing complex searches/correlations in Splunk
Some IT Security background (understanding security risk, threats, vulnerabilities, security policies etc.)
Knowledge of the threat landscape, adversary tactics, techniques, and procedures (TTP), general attack stages, kill-chain and attack types
If possible, experience in scripting languages and HTML/XML
Character/Professionalism:
Possess unimpeachable personal and professional integrity
Excellent verbal and written communication skills (English language)
Strong analytical and problem-solving skills and conceptual knowledge
Experience of working in high-performing teams and an understanding of the dynamics of teamwork in an international environment
Education / Certification:
Degree from an accredited college or university (or equivalent) in an IT or data analytics field preferred
Splunk Certifications
If possible, some security certifications (e.g. GCIH, GCIA, ECIH, CEH, OSCP, OSCE, GCFA, CSIH, CISSP) and/or technical certifications (e.g. CCNP, MCSE)
Location: Frankfurt
Start: ASAP
End: 31.12.2017
If you are interested, please send us a copy of your updated / current CV to: Please also feel free to call us at: .
We look forward to your application!