Senior Security Consultant (SIEM)

This application consists of two pages.

Help AG is looking for a talented and enthusiastic individual to join our Technology Consulting team in the capacity of Senior Security Consultant specialized in SIEM. If you have a strong knowledge and interest in cyber security, and have worked on SIEM Technologies this position might be the right one for you.

Role:
The successful candidate will mainly be responsible for integrating security solutions engagements in medium to large Enterprise environments. Drawing on both technical and business integration acumen, there is the opportunity to interact with and manage relations between both clients and Help AG staff. This role requires the hands-on architecture, design and deployment of projects with project teams of varying sizes.


Responsibilities:
- Defining customer requirements with a focus on Security Information and Event Management (SIEM) solutions at an Enterprise level.
- Developing detailed SIEM architecture plans, performing requirements analysis and producing design documents including functional and technical specifications.
- Participating in the implementation of SIEM Solutions meeting customer requirements.
- Providing technical support services to develop and maintain integrated SIEM solutions
- Determining system architecture specifications and working parameters for hardware/software compatibility
- Configuring and validating secure systems, testing security products and systems to identify security weaknesses
- Contributing to continuous growth of the technology consulting practice through mentorship, identification of new opportunities and development of SIEM solutions.



Skills & Requirements:
- A Degree in Computer Science, Information Systems, Electrical Engineering or a closely related degree
- An active interest in Cyber Security, incident detection, network and systems security
- Experience in using SIEM tools, mainly Splunk.
- 2+ years experience in Splunk (Certified Admin or Certified Architect is preffered)
- Hands-on Experience in Splunk Enterprise Security: Creating Correlation searches, fine tuning, Threat Intelligence.
- 2+ years experience in various Security Technologies (IDS/IPS, Firewalls, DLP, Web Security, Email Security, etc.)
- Good Experience in Unix/Linux OS
- Knowledge of Security Operations and Incident Response basics
- A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
- Demonstrable experience of analyzing and interpreting system, security and application logs
- Strong research background, utilizing an analytical approach.
- Familiarity with network security methodologies, tactics, techniques and procedures.
- CCNA, CISSP, GCA, GCIA, GCIH, CEH certification is a plus.
- Outstanding Organizational Skills
- Exclusive focus and vast experience in IT
- Very good communication skills
- A motivated, self-managed, individual who can demonstrate above average analytical skills and work professionally with peers and customers even under pressure.
- Strong written and verbal skills
- Strong interpersonal skills with the ability to collaborate well with others
- Ability to speak and write in English is required; Ability to speak and write in both English and Arabic is preferred
- Highly motivated individual with the ability to self-start, prioritize, multi-task and work in a team setting.
- Candidate must be able to react quickly, decisively, and deliberately in high stress situations.

Question Title

* 1. Full Name

Question Title

* 2. E-mail address

Question Title

* 3. Phone

Question Title

* 4. In what country do you currently reside?

Question Title

* 5. How did you hear about this position?

Question Title

* 6. Number of years of Experience as Security Consultant or Similar role?

Question Title

* 7. What SIEM solutions have you worked on so far?

Question Title

* 8. Which of the following certifications do you currently have?

Question Title

* 9. What is your current knowledge of Splunk for Enterprise Security?

Question Title

* 10. Have you worked on any form of clustering within Splunk?

Question Title

* 11. Please rate your experience in the following areas, (1) = Basic, (5) = Expert

  1 2 3 4 5
Basic Splunk Implementation
Clustering
Custom Add-on Creation
Custom Application/API Integration
Performance Fine tuning
Security Use case development

Question Title

* 12. Do you think Splunk is a good tool to monitor Endpoints/User Workstations

Question Title

* 13. What allows Enterprise Security to aggregate logs of similar nature from all sources into one data set

Question Title

* 14. Which Splunk command allows us to save the result of a specific search to be used later as a baseline

Question Title

* 15. What is the best way to detect connections to suspicious domains on a non-standard HTTP port in a transparent proxy environment

Question Title

* 16. Which roles can co-exist on Splunk Search Head

Question Title

* 17. Is it recommended to manage the configuration of a cluster of indexers using a Deployment Server? and why?

Question Title

* 18. A single Search Head can search (Select two)

Question Title

* 19. Which functionality allows a Splunk Enterprise user to trigger web based actions on events that match a certain criteria?

Question Title

* 20. After running this command:
#splunk enable boot-start -user splunk

Is it possible for Splunk to enable listening on default syslog port?

Question Title

* 21. Describe one of the most interesting security use cases that you managed to build using Splunk

T