For our Tech Process client, we are currently looking for a SOC / SIEM Architect (m/f/d).
Volume: Full time
Duration: approx. 3-4 months
Location: remote (approx. 95%) / Düsseldorf
Languages: English (must), German (nice to have)
- Support the implementation of an external SOC / SIEM provider
  - Identify gaps
  - Optimization of the log-on connection
  - Check use cases
  - Check and improve processes in the interaction of SOC / SIEM and ServiceNow Incident Response
- More than 5 years of experience building SOC, CDC, CSIRT, or CERT environments.
- More than 5 years of experience with managing security services / SOC services
- More than 5 years of experience with SIEM technologies
- More than 5 years experience with Security Technologies like Vulnerability Management, Firewalls, IPS/IDS, Proxy, AV, AD, Cloud Security, etc.
- More than 5 years of experience with planning and implementation of cybersecurity use cases
- More than 3 years of experience in Security Orchestration, Automation & Response (SOAR).
- More than 3 years of experience with O365 log sources and Microsoft Defender
- More than 3 years of experience with SIEM Systems Sentinel and Splunk
- In-depth knowledge in the areas of:
  - MITRE ATT&CK framework
  - Threat Intelligence
- Completed university education in relevant field
- Technical expertise from application to OS level
- Experience with various operating systems (Windows, Linux, macOS)
- Experience in the area of Endpoint Detection & Response (EDR)
- Experience in the area of Network Detection & Response / Network Anomaly Detection (NDR/NDA)
- Experience in the area of Incident Response and Incident Mitigation (IR/IM)
- Experience in the area of Computer Forensics (DFIR)
- Good knowledge of ISO 27k and IT Basic Protection (IT-Grundschutz), BaFin, MaRisk, KRITIS, etc.
Michael Bailey International is acting as an Employment Business in relation to this vacancy.