SIEM Onboarding Engineer

Avensys Consulting European Union
Remote

Job Description


Role: SIEM Onboarding Engineer

Location: Europe (100% Remote)

Rate: Euro 280/day (this is the maximum rate)

Must-have skills: infrastructure knowledge, basic understanding of networking, understanding of SIEM tools, AWS, understanding of information security, Elasticsearch knowledge, Wazuh

Working hours: UK working hours


Job Description:

The SIEM Onboarding Engineer plays a critical role in enhancing our organization’s security posture by integrating various devices and data sources into our SIEM environment, utilizing OpenSearch. The SIEM Onboarding Engineer will work closely with business units to identify devices for onboarding, manage the data pipeline, and assist other engineers in configuring their data sources to provide a resilient pipeline. The SIEM Onboarding Engineer will approach each system to be onboarded methodically while using our automation tool whenever possible.


Responsibilities:

  • Device Integration: Work with various business units to identify devices and data sources that need to be onboarded to our SIEM (OpenSearch with Security Analytics).
  • Data Pipeline Management: Configure and manage data collection agents to ensure data is reliably ingested into the SIEM.
  • Automation: Leverage automation scripts and tools to streamline the deployment and configuration of data collection agents across multiple devices.
  • Collaboration: Collaborate with security engineers and other stakeholders to ensure seamless integration and optimal performance of the SIEM.
  • Monitoring and Troubleshooting: Monitor the data pipeline for issues, troubleshoot problems, and implement fixes to maintain data integrity and system reliability.
  • Documentation: Maintain comprehensive documentation on the onboarding processes, configurations, and troubleshooting procedures.
  • Compliance and Security: Ensure all data collection and onboarding processes comply with organizational security policies and industry best practices.


Required Experience:

  • Hands-on experience with onboarding new devices into a SIEM.
  • Hands-on experience with data pipeline management with fluentd nodes and Beats.
  • Experience with sending data to Elasticsearch or OpenSearch clusters.
  • Proven experience in onboarding data from common security data sources to include:
      ◦ Application logs
      ◦ Linux and Windows Servers
      ◦ Firewalls
      ◦ Load balancers and Proxies
      ◦ AWS services
  • Familiarity with cloud infrastructure and services including IAM, VPCs, and container orchestrations.


Desired Experience:

  • Experience creating and managing automation scripts for deploying and configuring security agents across large environments.
  • Experience in tuning and optimizing OpenSearch or Elasticsearch indexers.
  • Experience with incident response processes and forensic analysis to support investigations and improve threat detection.
  • Experience with cloud-native security tools and services.


Desired Qualifications:

  • Advanced coursework in Computer Science or Information Technology, or equivalent experience.
  • Bachelor’s Degree in a related field, or equivalent industry experience.
  • Relevant industry certifications such as CISSP, CISM, SANS GIAC, CEH, LPT, etc.

