EPAM is seeking a seasoned Security Architect with a strong SIEM (Security Information and Event Management) deployment and migration background. The ideal candidate will have good experience in architecture, design, implementation, migration, and optimization of modern SIEM solutions in highly regulated environments like finance and insurance among others. The ideal candidate should also have a background working within an Enterprise SOC with proven hands-on experience in detection and response to security events and incidents.
The architect will work closely with the client to understand the current and target state of the SIEM solutions. The most successful candidate will be a strong technologist with a practical approach to designing SIEM solutions within large enterprises. This candidate must be able to effectively collaborate with the client’s cyber security teams and SOCs to deliver optimal results. In addition, the SIEM Architect must be able to clearly and successfully communicate with a demonstrated understanding of the business and technical requirements of the client.
Responsibilities
1. Lead the design, deployment, and configuration of SIEM solutions, ensuring seamless integration with various security tools, systems, and log sources.
2. Plan and execute SIEM migration projects, including data transfer, log source integration, rule/alert migration, and configuration tuning.
3. Develop, customize, and fine-tune SIEM use cases, correlation rules, dashboards, and reports to effectively detect threats and suspicious activities.
4. Integrate diverse log sources such as firewalls, IDS/IPS, antivirus, cloud services, applications, and operating systems into the SIEM for comprehensive monitoring.
5. Collaborate with the SOC (Security Operations Center) team to support further use case creation and fine-tuning in line with SOC team requirements.
6. Regularly review and optimize SIEM performance to ensure efficient log collection, storage, processing, and alerting.
7. Maintain comprehensive documentation for SIEM configurations, integrations, client environments, and migration processes, and provide regular reports on SIEM performance.
8. Train and mentor junior security engineers and SOC analysts on SIEM use, best practices, and troubleshooting.
9. Work closely with IT, security, and network teams to ensure the SIEM platform aligns with security strategies and goals.