Security Information and Event Management (SIEM) Engineer

Work set-up: Full Remote
Experience: Mid-level (2-5 years)

Offer summary

Qualifications:

  • 5-8 years of hands-on experience with SIEM tools such as QRadar, Splunk, Microsoft Sentinel, and Elastic Stack.
  • Strong understanding of designing, deploying, and configuring SIEM solutions.
  • Experience integrating log sources such as firewalls, IDS/IPS, network devices, and applications.
  • Knowledge of managing and optimizing SIEM environments, including system upgrades and performance tuning.

Key responsibilities:

  • Design, deploy, and configure SIEM solutions across various platforms.
  • Integrate multiple log sources into the SIEM environment for comprehensive monitoring.
  • Develop and fine-tune correlation rules, dashboards, and alerts for threat detection.
  • Monitor and analyze logs to identify anomalies and potential security threats.

TechBiz Global Startup https://www.techbiz.global
51 - 200 Employees

Job description

About us:

TechBiz Global is a leading recruitment and software development company. Our diverse, globally distributed team provides IT recruitment, outstaffing, outsourcing, software development, and various consulting services, with a primary focus on helping our partners achieve their business goals.

With headquarters in Germany, we have successful clients all over the world. We understand your unique needs: our team has hands-on experience with the challenges that come with rapid growth in the IT sector. That is why all of our offerings are built with a tech mindset.

Job Summary:

We are seeking, on behalf of a client and for a one-month project, a highly skilled and experienced SIEM Engineer with 5-8 years of hands-on experience working on Security Information and Event Management (SIEM) tools such as QRadar, Splunk, Microsoft Sentinel, Elastic Stack (Elasticsearch, Logstash, Kibana), and other SIEM platforms. The candidate will be responsible for the design, deployment, configuration, and management of SIEM solutions, ensuring efficient monitoring and proactive threat detection across the organization. This role involves collaboration with security teams to optimize incident detection, analysis, and response processes.

Key Responsibilities:

SIEM Implementation & Configuration:

  • Design, deploy, and configure SIEM solutions, including Elastic Stack (Elasticsearch, Logstash, Kibana), Wazuh, QRadar, Splunk & Microsoft Sentinel.

  • Integrate various log sources (e.g., firewalls, IDS/IPS, network devices, applications, and OT/IoT) into the SIEM platform.

  • Develop and fine-tune correlation rules, dashboards, and alerts for proactive threat detection.

  • Perform system upgrades, patches, and manage the overall health of the SIEM environment.

Log Management & Monitoring:

  • Ensure proper log ingestion from multiple data sources, including Elasticsearch and Kibana, and troubleshoot any logging issues.

  • Maintain data retention policies, manage storage, and optimize SIEM performance.

  • Monitor and analyze system and security logs for anomalies, potential threats, or suspicious activities.

Elastic Stack Management or any open-source alternative such as Wazuh:

  • Configure and maintain Elasticsearch clusters for log storage and search functionality.

  • Utilize Kibana to create custom dashboards, visualizations, and reports for security monitoring.

  • Work with Logstash or other log shippers for effective data parsing and enrichment before SIEM ingestion.

Required profile

Experience

Level of experience: Mid-level (2-5 years)
Spoken language(s):
English

Other Skills

  • Incident Reporting
  • Collaboration
  • Problem Solving
