- Splunk | SIEM
- Enterprise Sector
- Salary + Bonus + perks!
**Information Security Specialist | Splunk (SIEM) | $150k + super + bonus**
**About the opportunity**
***
You will be working for a well-known enterprise organisation in Sydney, who are renowned for their products and services within the Telco & Mobile apps sector.
A typical day will involve providing configuration changes and technical analysis on data or products.
This role does not provide direct consultancy to customers, but may deliver reports to the customer directly or to internal teams, or work in collaboration with one or many security/delivery managers.
The ISS needs to work closely with various internal and external partners and provide observations and recommendations for key decisions in the area of security, which may include operational technical support and other duties supporting the client and/or internal environment.
**Responsibilities**
- Analyse complex cases involving a pattern of security events from SIEM, and other security data sources. Splunk experience is preferred.
- Develop, tune, and further enhance use cases, alerts, reports, and custom dashboards.
- Build, improve, and document processes for the management and monitoring of security solutions.
- Work with technical teams on log onboarding. Baseline and improve threat detection thresholds and improve detection methods.
- Configure, manage, and upgrade Security Information and Event Monitoring (SIEM) platforms. Be involved in the operational support of the environment to ensure platform availability.
- Act as a point of contact to the account management and delivery teams for all operational security-related reporting for the customer account.
- On a periodic basis, meet with the security and account team to review security reports, status, review any risks, issues, incidents, and outstanding activities.
**Technical Skills**
- Minimum 3-5 years' experience as an Information Security Specialist or Analyst in security operations, especially in the security monitoring and network security domains.
- Advanced knowledge and experience of SIEM (Splunk) technologies (logging, monitoring, triage, reporting of security alerts and incidents, and processes) is a must.
- Scripting knowledge is desired for reporting purposes.
- Self-motivated, proactive team player who can contribute to the team's success.
- Experience in assessing information security solutions, with working experience on security products that will include some of the following: SIEM, IDS/IPS, vulnerability management, proxies, endpoint protection.
- Security analysis experience, including incident classification, investigation, and remediation.
- Certification(s) in the security sector (CISSP, CISM, CRISC or similar) preferred.
- Awareness of the ISO 27001 and SOC2 standards.
**Why you should apply**
***
They're a **huge brand** and a **household name**, having recently gone through an **Agile transformation**, and have **a huge pipeline of bleeding-edge technology implementations** planned across the business.
With awesome offices in the North Ryde area, they foster a **highly collaborative** and inclusive environment with lots of **flexibility**. They boast excellent onsite facilities including cafes, bars, restaurants, sports courts & regular social events.
***
**How to apply**
BBBH49397_166194447244889