Job Description
The Senior Information Security Engineer is responsible for developing and implementing security solutions to protect the organization’s IT infrastructure, data, and systems. The ideal candidate will have a strong understanding of cybersecurity best practices and a proven track record of success in implementing and managing security solutions. The Senior Information Security Engineer will manage SIEM content, and monitor and detect cyber security threats & incidents. The ideal candidate is highly motivated, intellectually curious, and analytical. The role requires a blend of cybersecurity experience and highly developed communication skills. The purpose of this role is to enhance security monitoring tooling, detections, and incident response capabilities using SIEM solutions to provide a single view of the environment.
Responsibilities
- Develop and implement security strategies and plans
- Manage and maintain security infrastructure
- Conduct security risk assessments and audits
- Investigate and respond to security incidents
- Train and educate employees on security best practices
- Stay up-to-date on the latest security threats and trends
- Work closely with the Engineering, Application Support, Cloud Support, and various Business Teams to improve existing security monitoring and deliver resilient and comprehensive security solutions
- Onboard data to the required standards, maintain and tune log sources, data contents, and use cases
- Provide evidence of compliance for our audited environments (including PCI, ISO27001, ISAE3000, etc)
- Define how logs should be parsed and ingested for best practice
- Engage with other teams to ensure that the SIEM is performing to standard with all necessary logging sources monitored
- Analyse, design, and deliver solutions to detect and stop adversaries
- Propose additional Security Monitoring Use Cases
- Define thresholds and baselines to aggregate similar events then write correlation rules
- Ensure SIEM technologies are integrated & utilized to protect cyber-related assets
- Support the operation of the comprehensive SIEM platform
- Analyse SOC alert statistics and workflows to reduce false positives and increase fidelity.
- Manage and improve SIEM infrastructure to improve detection flexibility and reliability.
- Build pipelines to enrich logs and alert results to provide a comprehensive view for SOC analysts.
- Research new security technologies
- Support relationships with 3rd party vendors to enhance monitoring
- Contribute to requirements for other security (and allied) technologies such as Endpoint/Network Detection & Response, Intrusion Detection/Prevention, Web Proxies, etc
Qualification
- Bachelors degree in computer science, information security, or a related field
- 5+ years of experience in cybersecurity
- Strong understanding of cybersecurity best practices
- Proven track record of success in implementing and managing security solutions
- Excellent communication and interpersonal skills
- Ability to work independently and as part of a team
- Senior-level experience within a logging and monitoring function, with functional knowledge of a Security Operations Centre, preferably within a Regulated Financial Services business
- Familiar with different log onboarding techniques in Splunk including Syslog, HTTP event, Universal Forwarder, DB Connect, and API queries
- Has the ability to write SPL and use and populate data models
- Previous experience in an audited environment complying with common regulation standards
- Experience with other common Security Monitoring Technologies
- Knowledge of global security and reporting standards such as NIST and MITRE
- Common cloud-based platform technology experience is beneficial
- Delivery mindset supported by the ability to execute in a complex technical environment
- Experience collaborating cross-functionally to identify and implement best practice security, logging, and monitoring processes
- Strong interpersonal skills, including good communication with the ability to articulate ideas in a precise and concise manner
- CISSP, GIAC certifications, or equivalent
- Familiarity with Indicators of Compromise (IoCs), Indicators of Attack (IoAs), ATT&CK Tools, Techniques and Procedures (TTPs)
- Strong interpersonal skills, including good communication with the ability to articulate ideas in a precise and concise manner
- The ideal candidate is a technically inclined and experienced security specialist who enjoys working in a fast-paced collaborative team environment
- Flexible to provide on-call support 24/7 in the future if required
Location: Lagos State, Nigeria.
Apply: SENIOR INFORMATION SECURITY ENGINEER