ghosta008
Viewer

SOC/Security Engineer - Software AG

About the Job

Location: Kuala Lumpur, Malaysia

Software AG’s global Security Operations Center (SOC) provides a holistic Security logging and monitoring service for our internal customers. The Security logging and monitoring service is responsible for creating and providing comprehensive visibility into asset security, problem management and root cause analysis as well as health and utilization monitoring.

This position will deploy, operate and tune the Security logging and monitoring solution in a hybrid and globally distributed setup on-premises and in the public cloud (Azure, AWS).

The Security logging solution is realized on a highly distributed Elastic Cloud Enterprise stack to connect different environments to one centralized Kibana/Grafana Security console.

Responsibilities

  • You perform optimization and false-positive/negative tuning on security tools to ensure event and alert integrity.
  • Experience in creating automated log correlations in a SIEM to identify anomalous and potentially malicious behavior
  • Working experience with Threat intelligence teams to be able to interpret IOCs and use them efficiently for alerting.
  • Understanding of monitoring devices such as firewalls, network and host-based intrusion detection systems, web applications, AV, WAF, Proxy and operating system logs
  • Ability to recognize patterns and inconsistencies that could indicate complex cyber-attacks
  • Experience in developing SIEM correlation rules to detect new threats beyond current capabilities
  • Deploy, operate and maintain the holistic Security logging and monitoring service on the basis of a distributed (on-premises, AWS, Azure) Elasticsearch, Logstash, Kibana/Grafana and Zabbix stack integrated in Azure Sentinel SIEM
  • Connect different components (on-premises, public cloud) to the logging and monitoring solution and manage access permissions for asset groups and owners
  • Create comprehensive and meaningful visualization of security log data
  • Follow DevSecOps strategies to implement automated workflows and codified environments to safeguard business continuity and effective disaster recovery

Requirements

  • Hands-on experience with key operations technologies such as:
    • Logging (Elasticsearch SIEM, Logstash, Azure Sentinel)
    • Dashboarding (Grafana, Kibana)
    • Scripting (Python, PowerShell, Bash)
  • Experienced with the use of automation in the context of IT operations (Azure Functions, Azure DevOps, Azure Logic Apps)
  • Experience working with state-of-the-art SIEM tools (Azure Sentinel, ELK, SOAR, Splunk).
  • Experience with various IT security topics including network security, firewalls, IDS/IPS, Malware, OWASP Top 10, Web Proxy, Endpoint Security etc.
  • Strong technical and analysis skills.
  • You ideally have Cyber Security related certifications (e.g.: CEH, CISSP, OSCP, CPSA, CRT)
  • You are fluent in English and have strong verbal and written communication skills

Interested candidates can apply for the role directly here

2 Replies
ghosta008
Viewer

It has been added. Thanks for highlighting it.

gidyn
Contributor III

You ideally have Cyber Security related certifications (e.g.: CEH, OSCP, CPSA, CRT)

ISC2 certifications conspicuously absent 😀
