SIEM Onboarding Engineer
South West London, London, United Kingdom
Hybrid / WFH Options
Espire Infolabs Limited
possible.

Responsibilities:
Device Integration: Work with various business units to identify devices and data sources that need to be onboarded to our SIEM (OpenSearch with Security Analytics).
Data Pipeline Management: Configure and manage data collection agents to ensure data is reliably ingested into the SIEM.
Automation: Leverage … devices into a SIEM.

Hands-on experience with data pipeline management with fluentd nodes and Beats.
Experience with sending data to Elasticsearch or OpenSearch clusters.
Proven experience in onboarding data from common security data sources to include:
Application logs
Linux and Windows Servers
Firewalls
Load balancers and Proxies … orchestrations.

Desired Experience:
Experience creating and managing automation scripts for deploying and configuring security agents across large environments.
Experience in tuning and optimizing OpenSearch or Elasticsearch indexers.
Experience with incident response processes and forensic analysis to support investigations and improve threat detection.
Experience with cloud-native security tools
Employment Type: Permanent, Work From Home