SOC Use Case Development
- Collaborate with Configuration & Development Lead to identify and assist in developing use cases for the Security Operations Centre.
- Conduct workshops with Configuration & Development Lead and ISOPS stakeholders to validate and finalise the initial list of SOC Use Cases.
- Collaborate with Configuration & Development Lead, ISOPS Security Architects, Security SMEs and Consultants to finalise and define requirements for the SOC use cases.
- Develop and produce detailed documentation for each SOC use case, including the full end-to-end lifecycle of delivery of the use case and the roles and responsibilities within the SOC team to deliver and fulfil the use case requirement.
- Collaborate with Config & Management Lead and Config & Management team to plan and develop a schedule for implementation and change required to the Security Information and Event Management (SIEM) platform and the supporting SOC process.
- Ensure the SIEM platform tool is configured with the detailed use case requirements and configuration details needed to implement the use cases, and that supporting SOC processes are in place.
- Engage with Head of SOC, Config & Management Lead to prioritise use case implementation schedule.
- Collaborate with Config & Development Lead, Security SME to identify data quality and upstream device log configuration change requirements.
- Engage with Config & Management Lead and Config & Management team to finalise the schedule and develop specific test case and regression testing for the SIEM platform to validate functionality on implementation of the use cases.
- Plan and raise Change Management requests for non-SIEM device configuration changes to implement use cases in line with the SIEM use case implementation schedule.
- Engage with Config & Management team to oversee the implementation of the Use Case on the SIEM platform.
- Engage Security SMEs and internal and external consultants to test and validate the use case implementation. Collaborate with Config & Management to oversee test results and implementation.
- Update service catalogue and other relevant documentation on successful completion of the use case.
- Conduct regular SIEM vendor briefings to understand product upgrades, roadmap of features. Participate in Security threat and monitoring forums to learn and keep abreast of the latest changes to the SIEM technology and good practices.
Bachelor's degree in Computer Science, Engineering, or related field.
An MSc Information Security would be desirable but is not essential
Information Security and/or Information Technology industry certification (CISSP, CISM, or equivalent) preferred but not essential
SIEM specific vendor technology qualifications
Overall work experience in the field
Experience in Information Security field - 4 years
Background as a L1/L2 SOC analyst preferred but not essential
Proven experience in SIEM tools, e.g. HP ArcSight, and use case development
Skills / abilities
Cross cultural sensitivity, flexibility
Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
Good interpersonal and communication skills, works effectively as a team player
Ability to function effectively in a matrix structure
Good analytical skills
Fluent in English
Would you like to wake up every day driven and inspired by our noble mission and to work together as one global team to empower people to live a better life? Here at AXA we strive to lead the transformation of our industry. We are looking for talented individuals who come from varied backgrounds, think differently and want to be part of this exciting transformation by challenging the status quo so we can push AXA - a leading global brand and one of the most innovative companies in our industry - onto even greater things.
In a fast-evolving world and with a presence in 64 countries, our 166,000 employees and exclusive distributors anticipate change to offer services and solutions tailored to the current and future needs of our 103 million customers.
To support our business strategy and digital transformation, AXA is building a new Group Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business.
Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees’.
At AXA, we lead an HR policy that encourages diversity, maintains your professional and private life balance and accelerates your skills and career development: promotion of diversity, remuneration policy, training device, ... Discover everything that makes AXA an employer of choice.
Whatever your job is, we strive to offer you career opportunities. Our goal is to develop your skills to support the transformation of our changing business.