CTC007844 - Security System Administrator - Expert
Industry sector: Banking
Employment type: Contract
Duration: One year
Work mode: Remote
Description
Duration: 1 year
Bilingualism: No
Time-to-perm: Preferable!
Teleworking: Hybrid or remote? Hybrid or 100% remote depending on profile
Main responsibilities:
- Configuration, management and maintenance of the Event and Incident Manager (SIEM).
- Ensuring data integrity and the implementation of security and control measures.
- Ensuring the high availability of the technological ecosystem.
Team context:
- The IT Cybercrimes delivery team manages the monitoring ecosystem including Splunk Enterprise Security, Splunk SOAR, Extrahop and other cybersecurity tools.
Skills required:
- Experience in ingesting security logs and creating use cases for cyber threat detection.
- Knowledge and experience in optimising ingestion pipelines with the Cribl tool (highly desirable).
Current projects:
- Implementation of a datalake dedicated to cyber security.
- Complete overhaul of the ingestion pipeline to optimise use of Splunk and improve the efficiency of detection processes.