At Micro Focus, everything we do is based on a simple idea: the fastest way to get results is to build on what you have.
Our software solutions enable organizations to do just that. Secure and scalable, with analytics built in, they bridge the gap between existing and emerging IT, fast-tracking digital transformations across DevOps, Hybrid IT, Security, and Predictive Analytics. In the race to innovate, Micro Focus customers have the clear advantage.
Our portfolio spans the following areas: DevOps; IT Operations; Cloud; Security; Info Governance; Big Data, Machine Learning, & Analytics.
We are looking for an enthusiastic SIEM Operations Analyst to join our Cyber Security team to analyse, identify, and correlate security log events that may pose a threat to our business.
A SIEM Operations Analyst joining our team will have strong security networking skills and the ability to analyse suspicious network activity and then report or escalate within agreed timescales.
To succeed in this role you will need to have a keen interest in cyber security and be highly motivated when working under pressure.
You will need to have a good eye for detail and the ability to effectively communicate findings through report write-ups and escalate incidents to security operation analysts.
Follow direction from the Senior SIEM Operations lead.
Work closely with threat intelligence and investigation analysts to react to knowledge and information shared about the current and changing threat landscape.
Perform analysis and correlation of ‘events of interest’ to identify and detect potential security incidents.
Efficiently and effectively identify potential incidents and escalate according to defined processes and procedures.
Support post-incident report creation and effectively keep a record of incidents and any triage performed.
Provide log analysis to support wider security operation services such as troubleshooting and the tuning of the SIEM tools.
Work to defined SLAs and KPIs.
Stay up-to-date on IT security news, trends, threat actors, and the threat landscape.
Strong knowledge of TCP / IP layers and protocols.
Experience using SIEM solutions, with preferred experience using ArcSight.
Experience in network packet analysis, with preferred experience using Wireshark.
Experience with scripting languages.
A good understanding of the operation and expected outputs from firewalls, IDPS, EDR, DLP, and AV solutions.
A core understanding of UNIX and Windows based operating systems.
Knowledge of the cyber kill chain and common tactics, techniques, and procedures.
2+ years' experience.