Job offer

SOC Use Case Developer (M/F)

Location: 92 - Hauts-de-Seine, France
Experience level: Experienced
Field: IT
Apply before: Date not specified

Job purpose

  • Develop the configuration required to implement the SOC use cases
  • Configure and maintain the tools and devices used by the SOC team
  • Configure and manage log collection from the operational environment into the log aggregation tools for processing

Key Responsibilities


SOC Config & Maintenance

  • Engage with the Configuration & Management Lead to develop and produce the ISOPS SOC technology platform configuration settings that support the implementation of specific use cases
  • Develop the configuration settings that let the L2 analyst see how the use case functions from a monitoring, detection and reporting point of view
  • Ensure the configuration settings are in line with ISOPS log management and security monitoring policy and standard requirements and with vendor-recommended settings where applicable, and that they achieve the use case objectives
  • Test and validate the configuration settings on the available dev/test platforms and assist the L2 Analyst
  • Develop rollback plans so that a use case can be backed out if its implementation fails
  • Assess the time required to implement the configuration settings on the production SOC technology platform; advise and seek wider ISOPS team support as needed to implement changes required on non-SOC platforms
  • Engage with the Configuration & Management Lead to schedule configuration implementation as per the AXA ISOPS change management process, and raise change management requests to support implementation of the change
  • Implement configuration settings on the core technology platform within the agreed change and maintenance windows
  • Engage with the SOC Lead L2 Analyst to assist in the onboarding and analysis of new use cases
  • On successful implementation of a configuration change, update the relevant configuration documentation
  • Support internal and external third-party audits of SOC configuration settings and the supported use cases
  • Produce the use case documentation needed to train L2 Analysts on new use cases


Security Log Management

  • Develop a standardised implementation and configuration plan for log collectors and aggregators in line with SOC technical standards and log management standards
  • Ensure the log collector implementation plan meets the SOC architecture and technical design requirements, including data quality and normalisation requirements
  • Define performance thresholds for log collectors and aggregators in line with SOC use case and monitoring requirements
  • Engage with ISOPS network and IT architects to identify log collection and aggregation deployment points within the ISOPS network
  • Engage with the Configuration & Management Lead and raise change requests as per the AXA change management process
  • Implement the log collectors and aggregators as per the approved change request and, on successful implementation, update the applicable SOC technical documents
  • Engage with the SOC Lead L2 Analyst to assist in the onboarding and analysis of new log streams and data
  • Engage with the SOC Lead L2 Analyst to define and set log collection and aggregation thresholds and error alerts
  • Regularly monitor the capacity and performance of the log collectors and aggregators and proactively develop plans to support current and future trends
  • Support the development of advisory artefacts on log formats, protocols and adapters to support the collection of logs from new devices and infrastructures
  • Resolve technical and operational problems related to log collection and aggregation


Skill development

  • Identify technical training requirements based on the log and SOC technology platform maintenance and management requirements
  • Engage with the Configuration & Management Leads to develop training plans
  • Attend vendor training and obtain the relevant technical certifications to demonstrate skills and support ongoing and future SOC tool configuration management
  • Participate in vendor-sponsored and other public forums to learn log and SOC technology configuration management techniques



Qualifications

Education
  • Bachelor's degree in Computer Science, Engineering, or a related field
  • An MSc in Information Security would be desirable but is not essential
Certification
  • Information Security and/or Information Technology industry certification (CISSP, CISM, or equivalent) preferred but not essential
  • SIEM specific vendor technology qualifications
Overall work experience in the field
  • Experience in the Information Security field - 4 years
  • Background as an L1/L2 SOC analyst preferred but not essential
  • Proven experience in security engineering and SIEM tools, e.g. HP ArcSight
Skills / abilities
  • Cross cultural sensitivity, flexibility
  • Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
  • Good interpersonal and communication skills, works effectively as a team player
  • Ability to function effectively in a matrix structure
  • Good analytical skills
  • Fluent in English



Would you like to get up every day motivated by an inspiring mission and work as a team to help protect people and their loved ones? At AXA we aim to lead the transformation of our business. We are looking for talented people with diverse experience, who think differently and who want to be part of this exciting transformation by challenging the status quo and making AXA, a leading global brand and one of the most innovative companies in our sector, an even more effective and responsible company.
In a constantly changing world, and with a presence in 64 countries, our 166,000 employees and preferred distributors anticipate change to offer services and solutions tailored to the current and future needs of our 103 million customers.

To support our corporate strategy and digital transformation, AXA is setting up "AXA Group Security" to ensure a coordinated response to the growing cyber threat, enable consistent risk management across the organisation and establish sustainable security capabilities integrated into the business.
Our "Information Security" vision is to protect our stakeholders effectively by securing our information assets and managing our cyber risk through a business strategy driven by management and by all AXA employees.


At AXA, we pursue a committed HR policy that promotes diversity, preserves work-life balance and accelerates the development of skills and careers: promotion of gender balance, compensation policy, training programmes, etc.
Whatever your job, we make sure to offer you development prospects and career opportunities. Our aim is to develop your talents and skills to support the transformations of a company in the midst of change.