About the position
As Defense SIEM and CSOC SME Engineer, you will be responsible for:
- Subject Matter Expert (SME) for Cyber SIEM and CSOC Solutions
- Leading deployments for Cyber Defence Solutions and Technology
- Coordinating Cybersecurity Teams in case of a Market Breach, especially Incidents impacting Multiple markets
- Providing Cyber defense guidance with MPA, markets and Stakeholders
- Acting as SPOC for the Cloud-based Security Datalake and ensuring security logs from all markets are updated
- Guiding and Managing L1 Cyber resources
- Lead MPA and markets Cyber teams in M-Pesa cyber incident detection and response;
- Supporting the Integration of Systems into SIEM and Maintaining it;
- Develop use cases for SIEM analysis;
- Create Alerts, Reports and Dashboard for the SIEM;
- Support on Cyber Defense tools customization and development for data feeds;
- Threat intelligence deployment and integration;
- Run Purple team gap analysis sessions;
- Cyber Defense Systems performance and resource optimization;
- Act as an operational team lead in the configuration, management and upgrade of a wide variety of other security products/appliances
- Troubleshoot and remediate Level 1/2/3 issues impacting Cybersecurity operations
- Facilitate implementation, management and optimization of Cyber Security policies, standards and procedures;
- Drive standards of excellence to achieve the Cyber Security strategy
- Improvement of the Cyber security posture of the company through several initiatives, including but not limited to Cyber Security Baselines.
Qualifications
- Degree in Electrical Eng/Computer Science/information Technology or equivalent Technology-related degree
- At least two professional Cyber Qualifications: CISSP/CISM/CISA
- Advanced competencies in Network Security: CCNP or CCIE (Security)
- Advanced competencies in Microsoft, Linux or Unix Operating Systems administration
- Advanced competencies and experience in Information Security Technologies
Skills and Experience
- Minimum of FIVE years CyberSecurity experience with Security logging and Monitoring Tools for Cloud and On-prem systems: including SIEM, EDR and Threat Hunting tools
- Minimum of ONE year CyberSecurity experience with Intrusion Prevention Systems, Web Application Firewalls, VPN administration, Content Filters, Security Scanning tools.
- Minimum of ONE year of focused Security experience in Incident Management, Intrusion Analysis, Network troubleshooting or Reverse Engineering.
- Experience in design, delivery and support of Information Security solutions to customers will be an added advantage.
- Good communication skills and team player.
- Experience in the use of security tools.
- Project management skills, and proven task execution (getting things done).
- Superior Report writing skills.
- Analytical Thinking.
Desired Skills:
- SIEM
- CSOC
- Cybersecurity
- EDR
- Incident management
- SOC
- Arcsight
- AWS Cloud