Tenece Professional Services Ltd., a leading provider of technology-based enterprise solutions across Africa, is seeking a highly motivated and detail-oriented SIEM Support Engineer to join our team in Lagos, Nigeria. As a crucial member of our Support team, you will play a key role in supporting, maintaining, and enhancing our security information and event management (SIEM) infrastructure built on ArcSight and Elastic.
RESPONSIBILITIES
SIEM Support and Maintenance:
-Provide day-to-day operational support for both ArcSight and Elastic SIEM platforms, ensuring optimal performance and uptime.
– Troubleshoot and resolve issues related to log collection, data ingestion, and rule execution.
– Maintain accurate and up-to-date documentation for SIEM configurations and procedures.
ArcSight and Elastic Expertise:
– Possess in-depth knowledge of ArcSight and Elastic SIEM platforms, including their functionalities, configurations, and best practices.
– Stay informed about the latest updates and features for both platforms to ensure continuous improvement and optimization.
-Assist customers with complex SIEM configurations and incident investigations when
needed.
ArcSight and Elastic Expertise:
– Possess in-depth knowledge of ArcSight and Elastic SIEM platforms, including their functionalities, configurations, and best practices.
– Stay informed about the latest updates and features for both platforms to ensure continuous improvement and optimization.
-Assist customers with complex SIEM configurations and incident investigations when
needed.
Log Management:
-Monitor log sources and security events generated by both SIEM platforms for potential threats and anomalies.
-Analyze and investigate suspicious activities, escalating critical issues to senior engineers for further action.
-Contribute to the development and maintenance of log management policies and
procedures.
Security Incident Response:
-Participate in the incident response process by providing technical support and analysis of security events from both SIEM platforms.
-Participate in the incident response process by providing technical support and analysis of security events from both SIEM platforms.
Rule and Content Development:
-Create and customize correlation rules to identify and respond to security incidents.
-Develop and enhance content to enrich the detection capabilities of the ArcSight and
Elastic platforms.
Collaboration and Communication:
-Collaborate effectively with the SOC team, IT teams, and other stakeholders to ensure smooth operation and efficient security incident response.
-Communicate clearly and concisely, both verbally and in writing, to document issues,
solutions, and recommendations.
Continuous Learning:
-Proactively stay updated on the latest cybersecurity threats, SIEM technologies, and industry best practices.
-Participate in training and development opportunities to enhance your skills and
knowledge.
QUALIFICATIONS AND REQUIREMENTS:
-Bachelor’s degree in computer science, Information Technology, or a related field.
-2 years experience as an Elastic or ArcSight Engineer or in a similar role.
-In-depth knowledge of Elastic SIEM, ArcSight ESM, Logger, Connectors, and other related components.
-Strong understanding of cybersecurity principles, threat detection, and incident response.
-Experience in scripting (e.g., Python, PowerShell) for automation and customization.
-Relevant certifications such as ArcSight ESM Administrator or equivalent.
-Excellent communication and collaboration skills.
-Ability to work independently and as part of a team in a fast-paced environment.