Assistant Manager - Cyber Security SIEM Use-Case Engineer

Job details

Job Description - Assistant Manager - Cyber Security SIEM Use-Case Engineer (MER0003F0P)

Group: Mercedes-Benz Group AG

Description

The Mercedes-Benz AG Group CISO heads Mercedes-Benz's Global Cyber Security Department (based in Stuttgart, Germany). We are looking for a Cyber Security SIEM Use-Case Engineer to join our Cyber Intelligence and Response Centre (CIRC). This role is crucial for the engineering, development, and continuous improvement of threat detection use-cases within our SIEM. You will also be involved in engineering and developing custom rules to detect potential threats swiftly, and in creating transparency by mapping existing detection capabilities to the MITRE ATT&CK framework.

Key Responsibilities:

- Proactively create, test, and tune new detection use-cases in the SIEM.
- Review and enhance existing detection use-cases using Machine Learning or User & Entity Behaviour Analytics (UEBA).
- Map detection use-cases to the MITRE ATT&CK framework to assess SIEM monitoring coverage.
- Perform regular updates to threat detection engineering playbooks, processes, and documentation.
- Collaborate closely with the SOC to challenge and improve detection and prevention capabilities.
- Identify and implement SIEM use-cases to address blind spots.
- Coordinate with the log onboarding team and SIEM architect to validate new log sources for compliance and improve SIEM backend performance.
- Collaborate with the Service Operations team to address challenges, process fulfillment, documentation, and improvement of Service Operations Quality.
- Provide governance on topics related to operational stability.

Join us to play a pivotal role in enhancing our cyber security measures and protecting our global operations.

Qualifications

Specific Knowledge:

- In-depth knowledge of using Splunk Enterprise Security (ES).
- In-depth knowledge of developing and tuning detection use-cases (Correlation Searches) in Splunk based on Data Models.
- Experience in Machine Learning and Risk Based Monitoring in Splunk is an advantage.
- Ability to analyse and interpret security logs and events to identify potential threats and attack patterns.
- Experience in validating data source compliance using the common interface model (CIM).
- Experience in setting up and utilizing data models in Splunk.
- Deep understanding of cyber security concepts to create detection use-cases targeting various phases of the attack lifecycle.
- Understanding of the MITRE ATT&CK framework and detections of various tactics and techniques.
- Experience and capability in creating interactive dashboards, alerts, and reports in Splunk.

Experience:

- Degree from a reputable university or significant coursework in Computer Science, Networking, Engineering, or other computer-related fields of study.
- At least 3 years of experience with demonstrable skillsets in SIEM use-case engineering, with over 5 years of experience in cybersecurity.
- Previous relevant experience working in a security operational role, ideally within a Corporate, Military, or Police environment; engaging with and responding to a diverse array of internal stakeholders, including senior management.
- Good emotional intelligence and a proven team player.
- Rational and calm under pressure.
- Fluency in the English language.
- Effective oral and written communication skills.
- Good timekeeping ability to cope with tight deadlines and achieve operational objectives.
- Self-motivated with the ability to carry out assigned tasks with minimum supervision.

This position is based in Singapore. A valid and approved work visa is required for employment in Singapore in accordance with local labour law regulations. We regret to inform you that only shortlisted candidates will be notified.



Nominal salary: To be agreed

Source: Jobleads
