Description:

This role is working with the Security Engineering and Architecture (SEA) team, within the Corporate Security area.

We are looking for someone who will assist the SEA team with the following tasks:

Improving parsing and rules within the Bank's SIEM platforms (QRadar, Sentinel), in partnership with the SOC.

Assisting as required with advanced detections and filtering.

Providing platform support when required (patching applications, etc).

Assisting with development of device configuration standards (log generators).

Assisting with validating correct collection and quality of log collection.

Other duties as required, as the team works with changing priorities and in response to internal customer demands.

Perfect candidate:

The perfect candidate will be an experienced Security Specialist - Logging Specialist who has extensive real-world experience with log management and SIEM solutions. This would include tools such as QRadar, Sentinel, rsyslog, Windows Event Forwarding, logstash, fluentd, etc. They would also be familiar with typical enterprise logging sources and log source management.

They will understand priorities and deliver tasks with minimal supervision, but also suggest improvements and nominate tasks themselves. They need to be able to work well with customers to understand requirements in an informal setting, to rapidly deliver improvements.

Tasks & Responsibilities:

Perform tasks such as the following:

Create parsers in QRadar.

Assist with rule generation in QRadar and Sentinel.

Validate log sources are logging correctly.

Work with the SOC (and business areas) to ensure key devices are producing logs in compliance with policy and standards.

Assist with improving the Bank's overall logging strategy.

Assisting with maintenance and upgrades.

Other duties as required.

Must haves:

Experience with log management and SIEM solutions in an enterprise environment, such as ideally with QRadar, Azure Sentinel and Windows Event Forwarding, or similar tools (Splunk, Elasticsearch, Logstash, Fluentd, Rsyslog, Syslog-ng).

Experience in Cybersecurity would be ideal or System/Infrastructure loggin background could be considered.

Knowledge with Linux/Unix logging (eg, syslog, journalctl, auditd).

Ability to digest and understand user requirements and implement them properly in an existing tech stack.

Job Title: Security Specialist

Location: Basel, Switzerland

Job Type: Contract

TEKsystems, an Allegis Group company. Allegis Group AG, Aeschengraben 20, CH-4051 Basel, Switzerland. Registration No. CHE-101.865.121. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website.

To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website.

We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.