SIEM Configuration & Management Specialist F/M

Location 92-HAUTS-DE-SEINE, France
Experience level Experienced Hire
Job details sector Information Technology
Apply before Date not available
Job purpose
  • Elaborate configuration required to implement the use cases
  • Configure and maintain tools and devices used by the SOC team
  • Configure and manage the logs collection from the operational environment into log aggregator tools for processing

Key Responsibilities
 
SOC Config & Maintenance
  • Engage with the Configuration & Management Lead to develop and produce ISOPS SOC technology platform configuration settings to support implementation of specific use cases
  • Elaborate the configuration settings to assist L2 analyst to visualize the functioning of the use case from a monitoring, detection and reporting point of view.
  • Ensure the configuration settings are in line with ISOPS Log management, security monitoring policy and standard requirements, vendor recommended settings as applicable and achieve use case objectives.
  • Test and validate the configuration settings on available dev/test platforms and assist L2 Analyst
  • Develop roll back plans to support the Use case roll back in case of implementation failure.
  • Assess time required to complete the implementation of the configuration settings on the Production SOC technology platform. Advise and seek wider ISOPS team support as needed to implement changes required for non-SOC platforms.
  • Engage with Configuration & Management Lead to schedule configuration implementation as per AXA ISOPS change management process and raise change management requests to support implementation of the change.
  • Implement configuration settings on the core technology platform on the agreed change and maintenance windows.
  • Engage with SOC Lead L2 Analyst to assist in onboarding and analysis of new use cases.
  • On successful implementation of the configuration change, update relevant configuration documentation.
  • Support Internal and external third party audits on SOC configuration settings and the supported use cases
  • Produce relevant use case documentation to support L2 Analyst training on new use cases.
 
Security Log Management
  • Develop a standardised implementation and configuration plan for Log collectors and aggregators in line with SOC technical standards and Log management standards.
  • Ensure log collector implementation plan meets the SOC architecture and technical design requirements including data quality and normalisation requirements
  • Define performance thresholds for Log collectors and aggregators in line with SOC use case and monitoring requirements
  • Engage with ISOPS network and IT Architects to identify log collection and aggregation deployment points within the ISOPS network.
  • Engage with Configuration and Management lead and raise change request as per AXA change management process.
  • Implement the log collectors and aggregators as per the approved change request and, on successful implementation of the change request, update applicable SOC technical documents.
  • Engage with SOC Lead L2 Analyst to assist in onboarding and analysis of new log streams and data
  • Engage with SOC Lead L2 Analyst to define and set log collection and aggregation thresholds and error alerts
  • Regularly monitor the capacity and performance of the log collectors and aggregators and proactively develop plans to support current and future trends.
  • Support the development of advisory artefacts on log formats, protocols and adapters to support collection of logs from new devices and infrastructures
  • Resolve technical and operational problems related to log collection and aggregation.
 
Skill development
  • Identify technical training requirements based on the Log and SOC Technology platform maintenance and management requirement.
  • Engage with Configuration & Management Leads to develop training plans
  • Participate in vendor trainings and pass relevant technical certifications to demonstrate skill and support on-going and future technical SOC tool config management.
  • Participate in vendor sponsored and other public forums to gain knowledge of Log and SOC technology configuration management techniques.


Qualifications
 
Education
  • Bachelor's degree in Computer Science, Engineering, or related field.
  • An MSc Information Security would be desirable but is not essential
Certification
  • Information Security and/or Information Technology industry certification (CISSP, CISM, or equivalent) preferred but not essential
  • SIEM specific vendor technology qualifications
Overall work experience in the field
  • Experience in Information Security field - 4 years
  • Background as a L1/L2 SOC analyst preferred but not essential
  • Proven experience in security engineering and SIEM tools, e.g. HP ArcSight
Skills / abilities
  • Cross cultural sensitivity, flexibility
  • Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
  • Good interpersonal and communication skills, works effectively as a team player
  • Ability to function effectively in a matrix structure
  • Good analytical skills
  • Fluent in English



Would you like to wake up every day driven and inspired by our noble mission and to work together as one global team to empower people to live a better life? Here at AXA we strive to lead the transformation of our industry. We are looking for talented individuals who come from varied backgrounds, think differently and want to be part of this exciting transformation by challenging the status quo so we can push AXA - a leading global brand and one of the most innovative companies in our industry - onto even greater things.
In a fast-evolving world and with a presence in 64 countries, our 166,000 employees and exclusive distributors anticipate change to offer services and solutions tailored to the current and future needs of our 103 million customers.

To support our business strategy and digital transformation, AXA is building a new Group Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business.
Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees’.



At AXA, we lead an HR policy that encourages diversity, maintains your professional and private life balance and accelerates skills and career development: promotion of diversity, remuneration policy, training schemes, ... Discover everything that makes AXA an employer of choice.
Whatever your job is, we strive to offer you career opportunities. Our goal is to develop your skills to support the transformation of our changing business.