Specialist CSOC/SIEM/DLP Engineer

1 week ago


Spain · Novartis Farmacéutica · Full-time

Location: Prague, Czech Republic; Barcelona, Spain

CSOC Engineering will be an integral part of the Novartis Cyber Security Operations Center (CSOC). The CSOC is an advanced global team passionate about the active defense against the most sophisticated cyber threats and attacks. By leveraging various tools and resources, the CSOC Engineer will help to proactively detect, investigate, and mitigate both emerging and persistent threats that pose a risk to Novartis' networks, systems, users, and applications.

The main objective of CSOC Engineering is to design, develop, implement, and manage dataflow pipelines and integrate them with SIEM platforms such as Sentinel and Splunk. The data onboarded to the SIEM will be crucial for CSOC Analysts, Content Development, and SOAR Engineers to develop monitoring alerts and automation playbooks.

Collaboration with internal and external stakeholders, including Novartis' internal teams, external vendors, and Product/Platform engineers, will be a crucial aspect of this role. The CSOC Engineer will work closely with application owners to understand and integrate various data sources. This may involve utilizing services such as Cribl, Syslog NG, Azure Monitoring Agent, and Universal Forwarder, to list a few.

Furthermore, the CSOC Engineering Lead will work in close partnership with the CSOC stakeholders, including the TDR, THR, Forensic, Content Development, and SOAR teams. Their expertise and collaboration will be instrumental in quickly resolving any data onboarding requests or any issues with detection rules on security tools such as SIEM, DLP, and EDR.

Overall, the CSOC Engineering role is pivotal in ensuring the proactive defense of Novartis' critical assets, systems, and infrastructure against the ever-evolving landscape of cyber threats.

About the Role

Your key responsibilities:

Data Onboarding
  • Evaluate and onboard new data sources, performing data analysis to identify anomalies and trends, and developing dashboards and visualizations for data reporting.
  • Collaborate with CSOC engineers, Threat Hunters, and CSOC Analysts to gather requirements and develop solutions.
  • Troubleshoot and provide support for onboarding issues with platforms like Sentinel, Splunk, and Cribl.
  • Validate and ensure proper configuration and implementation of new logic with security system and application owners.
  • Perform data normalization, establish datasets, and develop data models.
  • Manage the backlog of customer requests for onboarding new data sources.
  • Detect and resolve issues in various data sources, implementing health monitoring for data sources and feeds.
  • Identify opportunities for automation in data onboarding and proactively detect parsing and missing-data issues.

Content Development and Automation
  • Design and create security detection rules, alerts, and use cases utilizing platforms such as SIEM, DLP, EDR, and WAF.
  • Develop robust detection mechanisms to identify and respond to potential security threats across various security technologies.
  • Collaborate with cross-functional teams to understand risks and develop effective detection strategies that align with organizational security goals.
  • Regularly review and enhance existing detection rules and use cases to ensure their effectiveness and alignment with emerging threats and vulnerabilities.

What you'll bring to the role:
  • University-level working and thinking ability; degree in a business, technical, or scientific area, or comparable education/experience.
  • Good general security knowledge and general IT infrastructure technology and systems knowledge.
  • Firsthand experience with security tools like Splunk, Sentinel, DLP, and XDR, and an understanding of security systems (such as AV, IPS, proxies, and firewalls).
  • Direct experience managing data ingestion pipelines through Cribl.
  • Security use-case design and development.
  • Understanding of SOAR and experience in security engineering tasks such as SIEM alert creation and SOAR playbook development.
  • Development experience in Python (SDKs), and experience in scripting and automation for security tools.
  • An understanding of error messages and logs displayed by various software.
  • Understanding of network protocols and topologies.
  • Strong technical troubleshooting and analytical skills.
  • Experience in configuring data collection endpoints, connectors, and parsers.
  • Good knowledge of collector/forwarder components, and of integrating security tools using APIs, syslog, cloud, etc.
  • Strong communication skills, with experience reporting to and communicating with senior-level management (with and without an IT background, with and without an in-depth risk management background) on incident response topics.
  • Experience in IT administration with broad and in-depth technical, analytical, and conceptual skills.
  • Knowledge of the MITRE ATT&CK framework.

You'll receive (Prague only):
  • Monthly pension contribution matching your individual contribution up to 3% of your gross monthly base salary;
  • Risk Life Insurance (full cost covered by Novartis);
  • 5 weeks of holiday per year (1 week above the Labour Law requirement);
  • 4 paid sick days within one calendar year in case of absence due to sickness without a medical sickness report;
  • Cafeteria employee benefit program: choice of benefits from the Benefit Plus Cafeteria in the amount of 12,500 CZK per year;
  • Meal vouchers in the amount of 90 CZK for each working day (full tax covered by the company);
  • Public transportation allowance;
  • MultiSport Card.



  • Spain · Advanced Accelerator Applications (Italy) - S... · Full-time

    Job ID: REQ-10023688. Date: Sep 30, 2024. Summary: Location: Prague, Czech Republic; Barcelona, Spain. CSOC Engineering will be an integral part of the Novartis Cyber Security Operations Center (CSOC). The CSOC is an advanced global team passionate about the active defense against the most sophisticated cyber threats and attacks. By leveraging various tools and...

  • SIEM Engineer

    2 weeks ago


    Spain · buscojobs España · Full-time

    Are you a SIEM expert looking for a new challenge? Join our cybersecurity team to detect and mitigate threats in real time! WHAT CHALLENGE WILL YOU BE TAKING ON? As a SIEM Engineer, in the Cybersecurity and Infrastructure division, you will be in charge of the design, deployment, configuration, and maintenance of the SIEM platforms in the different secure...

  • SIEM engineer

    1 month ago


    Spain · GMV Spain · Full-time

    Are you a SIEM expert looking for a new challenge? Join our cybersecurity team to detect and mitigate threats in real time! WHAT CHALLENGE WILL YOU BE TAKING ON? As a SIEM Engineer, in the Cybersecurity and Infrastructure division, you will be in charge of the design, deployment, configuration and maintenance of the SIEM platforms in the different secure...


  • Spain · DSM · Full-time

    SIEM and Threat Detection Engineer. Barcelona, Spain. Hybrid. As a SIEM and Detection Engineer, you will be at the forefront of safeguarding dsm-firmenich against digital threats. You'll design, implement, and manage the dsm-firmenich SIEM solution, identifying and mitigating security threats in real time. Your expertise will drive our proactive defense strategies,...

  • MDR/SIEM Engineer

    2 weeks ago


    Spain · DXC Technology · Full-time

    DXC Technology. DXC Technology helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private, and hybrid clouds. DXC Technology is a global professional services company whose mission is to lead the digital transformation of our clients...


  • Spain · UST Global · Full-time

    Role description CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively. CyberProof is part of the UST...


  • Spain · GMV · Full-time

    If the washing machine program is the only one you can't figure out... your place is with us! We are expanding our teams in the cybersecurity sector to take on international projects. You can work with us from our offices in Madrid, Seville, Barcelona or Zaragoza. We'll get to the point; we'll tell you what's not on the web. If you want to know more...

  • SIEM/SOAR Engineer

    2 weeks ago


    Spain · buscojobs España · Full-time

    Accenture, recognized as a Great Place To Work, is a leading global professional services company that helps major businesses, public administrations, and other organizations around the world develop their digital core, optimize their operations, accelerate revenue growth, and improve services for citizens, creating tangible value at speed and scale. Would...


  • Spain · Joboss · Full-time

    As an essential part of our team at our Alcobendas centre, we are looking to hire several people to carry out Project Management tasks in our Defence market, for the FCAS programme. These would be your responsibilities: Support the Chief Engineer in participating in the programme's international forums, defending the...


  • Spain · Hihired · Full-time

    We want to hire 2 CLOUD PROJECT MANAGERS at a global technology solutions company in the Defence market (FCAS programme). Responsibilities: Support the Chief Engineer in participating in the programme's international forums, defending the company's strategy. Support the Chief Engineer in the preparation and review of...


  • Spain · GMV · Full-time

    Cybersecurity Project Manager, hybrid - Madrid. Do you want to lead an established team in the cybersecurity sector and take on new challenges? At GMV we are a technology group with extensive experience in coordinating projects for the selection and deployment of security technologies, also participating in their execution. WHAT...


  • Spain · Recooty · Full-time

    Cyber Security Specialist. Barcelona, Catalonia, Spain. 08 May 2019. Job Responsibilities: Working collaboratively to detect and respond to information security incidents and vulnerabilities, maintaining and following procedures for security events alerting and security vulnerabilities reports, and participating in security investigations and mitigations, the...

  • L2 SOC Analyst

    1 month ago


    Spain · Integrity360 · Full-time

    Level 2 CyberSOC Analyst. Title: Level 2 CyberSOC Analyst. Job type: Full-Time Permanent. Salary: Negotiable / DOE. About Us: Integrity360 is one of Europe's leading cyber security specialists operating from office locations spread out across Europe, providing a comprehensive range of professional, support and managed cyber security services for our 300+ clients. With...


  • Spain · GMV Spain · Full-time

    Do you want to lead a consolidated team in the cybersecurity sector and take on new challenges? GMV is a technology group with extensive experience in the coordination of security technology selection and deployment projects, also participating in their execution. WHAT CHALLENGE WILL YOU BE TAKING ON? In our team you will lead cybersecurity projects in which...


  • Spain · buscojobs España · Full-time

    Ref.: Equipment Engineer Specialist. Madrid. 1. EDUCATION - ROLES: University degree in engineering. Specialty in mechanical, equipment, solids treatment. Position roles and responsibilities: Issuing purchases in the technical area of the project. Generate technical definitions of the project. Review and approval of equipment. Responsible for cost, schedule and...

  • Cybersecurity Analyst

    2 weeks ago


    Spain · buscojobs España · Full-time

    Job Description: We need to hire a Cybersecurity Analyst with SOC L2 experience for a stable project. The working arrangement is hybrid: two days in the office (Madrid, Julián Camarillo area) and three days working remotely. The duties will be: Collaborate with different teams to track and improve the key indicators of...


  • Spain · Zemsania · Full-time

    Description **CYBERSECURITY CONSULTANT - REMOTE**: **Company: Zemsania**: Zemsania, a leading technology services company, is looking for a **Cybersecurity Consultant** for an exciting remote project. We are recruiting, for one of our clients, a profile with at least 2 years of experience in the design of...

  • Cyber Security Engineer

    2 weeks ago


    Spain · buscojobs España · Full-time

    Description of functions: The Cyber Security Engineer is a hands-on security professional who provides technical knowledge and leadership to OmniAccess security solutions and services. You will lead, design, and deploy our security solutions for our customers and will play a key role in the evolution of our SOC. You will enhance our threat detection...


  • Spain · ES06 (FCRS = ES006) Novartis Farmacéutica, S.A. · Full-time

    Job ID: REQ-10029004. Location: Prague, Czech Republic; Barcelona, Spain. Summary: The Detection and Response Associate Director will be an integral part of the Novartis Cyber Security Operations Center (CSOC). The Novartis CSOC is an advanced security team that has reinvented Security Operations. It is comprised of a global team passionate about defending Novartis...


  • Spain · buscojobs España · Full-time

    Novartis. Working together, we can reimagine medicine to improve and extend people's lives. Location: Prague, Czech Republic; Barcelona, Spain. The Detection and Response Associate Director will be an integral part of the Novartis Cyber Security Operations Center (CSOC). The Novartis CSOC is an advanced security team that has reinvented Security Operations. It...