Liquid Intelligent Technologies
Role Requirements
Maintains the integrity and security of servers and systems.
Sets up administrator and service accounts.
Maintains system documentation and standard operating procedures.
Makes recommendations to purchase hardware and software, coordinates installation and provides backup recovery.
Develops and monitors policies and standards for allocation of SIEM resources.
Provides advice and training to end-users.
Provides guidance and work leadership to less-experienced staff members and may have supervisory responsibilities.
Maintains current knowledge of relevant technologies as assigned.
Participates in special projects as required.
Deploy new SIEM logging, playbooks and device connectors as required to collect data feeds.
Provide capability to analyse SIEM output and interpret reports.
Integration of data feeds (logs) into SIEM.
Perform content development to properly identify data feeding to the SIEM.
Develop filters to assist in the identification of significant events.
Develop reports (manual and automated) to support the development, collection, and reporting of quality assurance and performance metrics (as defined by the client).
Develop dashboards/reports for external customers for system monitoring.
Provide ad-hoc training to analysts focusing on specific client missions, including generic SIEM training sessions and Custom Use Case training sessions.
Provide recommendations and implement changes to optimize SIEM products in the customer environment.
Support the client in fact finding or case supporting tasks as it relates to SIEM.
Evaluate relevant SIEM product advancements and provide recommendations to the customer.
Identifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives.
Provides technical support in the monitoring of firewalls, intrusion detection systems, and enterprise anti-virus and software deployment tools.
Develops, implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications.
Able to implement an Azure Sentinel SIEM solution end to end with the ability to leverage cost efficiencies from the Azure stack.
Qualifications & Education Requirements
Bachelor’s Degree in Computer Science or a related technical discipline, or an equivalent combination of education and technical certifications.
One or more of these industry cybersecurity certifications: CISM, CEH, OSCP, CompTIA Security Plus, as well as any SIEM-related qualification. The Microsoft AZ500 and SC200 qualifications will be highly advantageous.
Strong analytical and organizational skills.
Concise writing skills, excellent MS Word skills as well as other MS Office Applications.
Experience with securing various environments preferred.
Experience in working across security technologies.
Managed security services experience across complex architectures.
In depth understanding of the role of incident analysis tools.
In depth understanding of various types of log analysis.
Prior experience advising on, planning, deploying, configuring, managing and monitoring large-scale and complex cyber defence and IT risk management and information or cybersecurity solutions.
Experience Required
Minimum of four (4) years of work experience and two (2) years of relevant experience in SIEM engineering in a Security Operations Center (SOC).
Two years’ experience implementing Azure Sentinel SIEM solutions.
Apply via company website ( ) or