
SIEM Data Engineer

Esplugues Llobregat, B, ES, 08950

Position Snapshot


Location: Global IT HUB Barcelona (Esplugues de Llobregat)
Company: Nestle
Full-time position
5+ years' experience in SIEM technologies

About IT at Nestlé


We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape of the FMCG industry, and a Digital Transformation at scale. We work with leading technologies and top external partners to provide solutions to enable Nestlé to engage with millions of consumers and customers worldwide. We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from candidates who have the courage to challenge; who believe the only way of moving forward is by doing and who look for solutions to improve the lives of our consumers through responsible use of technology.

Position Summary


In order to complete our Nestlé Global Cyber Security Operations Centre, we are currently looking for a SIEM Data Engineer.
 
As a SIEM Data Engineer you will lead the design, implementation and quality assessment of security data integrations into the security analytics platform, contributing to the threat detection use cases and incident response process of the Nestlé Cyber SOC.
 
You will act as the reference person for data on-boarding to the various SIEM and data processing solutions and as the key technical contact for data source owners, ensuring the continuous coverage, quality and health of security-relevant logs. You will be part of a dedicated product team aiming to provide best-in-class cyber threat detection capabilities that improve Nestlé's business resilience along the Cyber Kill Chain. You will also work closely with other specialized security teams and solution owners to determine asset and threat coverage gaps against standard frameworks such as MITRE ATT&CK or OWASP. Overall, you will play an active role supporting the SIEM correlation rules and data science machine learning models by providing real-time log shipping, streaming, parsing, enrichment and normalization of the data.
 

A day in the life of...

  • Lead the SIEM data source on-boarding activities in collaboration with the managed service provider
  • Act as Single Point of Contact (SPOC) for data source stakeholders within the Nestlé SOC, the Nestlé IT organization or its external providers in order to design and implement SIEM integrations
  • Deploy and configure data feed collectors to support new technologies
  • Develop new parsers, data enrichments and normalization to Common Event Format (CEF) and the Splunk Common Information Model (CIM)
  • Ensure data quality and identify any gaps in security event collection
  • Take ownership of the security event lifecycle and data flows across all our components, such as log shippers, stream processors, message bus, SIEM and data lake
  • Support SIEM use case development and production release
  • Develop and deploy our SIEM infrastructure and content leveraging DevOps CI/CD pipelines, Infrastructure as Code, Git repositories, wiki documentation and cloud services
  • Oversee the delivery of administrative operations performed by the third-party provider, including SIEM data feed and infrastructure health monitoring, health checks, troubleshooting, performance optimization, IT and cloud infrastructure administration, security and costs
  • Participate actively in the cloud modernization and migration of our security monitoring and alerting infrastructure as part of the global Nestlé IT Journey to Cloud program
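The parsing, normalization and data-quality steps listed above, shown as an added example that is not Nestlé's code or part of the original posting: a small CEF parser that honours the format's backslash escapes (an escaped `|` in the header, an escaped `=` in the extension), renames the extension keys to Splunk CIM field names, and reports which required CIM fields an event fails to populate. The `CEF_TO_CIM` mapping and the `REQUIRED_CIM_FIELDS` list are assumptions covering a handful of common Network Traffic and Authentication fields, and the two sample events are constructed, not real telemetry.

```python
"""Parse CEF events and normalize them to Splunk CIM-style field names.

Added example, not Nestlé's code. The CEF-to-CIM mapping and the required-field
list are assumptions; the sample events are constructed.
"""
import re
from typing import Any, Dict, List

# Header positions after the "CEF:<version>" token, in the order the format defines them.
CEF_HEADER_FIELDS = ("device_vendor", "device_product", "device_version",
                     "signature_id", "name", "severity")

# Assumed mapping of CEF extension keys to Splunk CIM field names.
CEF_TO_CIM = {
    "src": "src_ip", "spt": "src_port", "shost": "src",
    "dst": "dest_ip", "dpt": "dest_port", "dhost": "dest",
    "proto": "transport", "act": "action", "suser": "user", "duser": "dest_user",
    "app": "app", "dvc": "dvc", "msg": "message",
}

# Fields a Network Traffic correlation rule would need; anything missing is a coverage gap.
REQUIRED_CIM_FIELDS = ("vendor_product", "src_ip", "dest_ip", "action")

# key=value pairs; a value runs until the next " key=" boundary, escaped chars are skipped.
_EXT_PAIR = re.compile(r"(\w[\w.]*)=((?:\\.|[^\\])*?)(?=\s+\w[\w.]*=|$)")


def _unescape(value: str) -> str:
    """Undo CEF backslash escaping (escaped '=', '|', backslash; n and r become control chars)."""
    return re.sub(r"\\(.)", lambda m: {"n": "\n", "r": "\r"}.get(m.group(1), m.group(1)), value)


def _split_header(text: str) -> List[str]:
    """Split on unescaped '|' into 7 header tokens plus the raw extension string."""
    parts: List[str] = []
    buf: List[str] = []
    i = 0
    while i < len(text) and len(parts) < 7:
        ch = text[i]
        if ch == "\\" and i + 1 < len(text):
            buf.append(text[i + 1])  # escaped '|' or '\' is a literal character in the header
            i += 2
            continue
        if ch == "|":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
        i += 1
    if len(parts) < 7:
        raise ValueError("CEF header has fewer than 7 pipe-delimited fields")
    parts.append(text[i:])  # extension keeps its escapes for the key=value parser
    return parts


def parse_cef(raw: str) -> Dict[str, Any]:
    """Parse one CEF line (optionally prefixed by a syslog header) into header fields + extension."""
    start = raw.find("CEF:")
    if start < 0:
        raise ValueError("not a CEF event")
    parts = _split_header(raw[start + len("CEF:"):])
    parsed: Dict[str, Any] = dict(zip(CEF_HEADER_FIELDS, parts[1:7]))
    parsed["cef_version"] = parts[0]
    parsed["extension"] = {k: _unescape(v) for k, v in _EXT_PAIR.findall(parts[7])}
    return parsed


def normalize_to_cim(parsed: Dict[str, Any]) -> Dict[str, str]:
    """Rename CEF fields to CIM names; unmapped extension keys keep their CEF name."""
    event = {
        "vendor_product": f"{parsed['device_vendor']} {parsed['device_product']}",
        "signature_id": parsed["signature_id"],
        "signature": parsed["name"],
        "severity_id": parsed["severity"],
    }
    for key, value in parsed["extension"].items():
        event[CEF_TO_CIM.get(key, key)] = value
    return event


def coverage_gaps(event: Dict[str, str]) -> List[str]:
    """Return the required CIM fields this event does not populate."""
    return [f for f in REQUIRED_CIM_FIELDS if not event.get(f)]


# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    # Firewall deny with a syslog prefix, an escaped '|' in the product name and an escaped '=' in msg.
    "<134>Mar 12 10:01:22 fw01 CEF:0|Example Vendor|Edge FW\\|Cluster|7.2|100|Policy deny|6|"
    "src=10.1.2.3 spt=51522 dst=203.0.113.10 dpt=443 proto=TCP act=blocked msg=rule\\=deny_all matched",
    # Authentication failure with no network addresses: a coverage gap for Network Traffic rules.
    "CEF:0|Example Vendor|IdP|1.0|AUTH_FAIL|Login failed|4|suser=jdoe dhost=idp.example.com act=failure",
]


def process(raw_events: List[str]) -> List[Dict[str, Any]]:
    """Parse, normalize and quality-check a batch; one record per event with its field gaps."""
    return [{"event": ev, "gaps": coverage_gaps(ev)}
            for ev in (normalize_to_cim(parse_cef(raw)) for raw in raw_events)]


if __name__ == "__main__":
    for rec in process(SAMPLE_EVENTS):
        print(rec["event"]["vendor_product"], rec["event"].get("action"), "gaps:", rec["gaps"])
```

The extension is deliberately left escaped by the header splitter and unescaped only per value, because unescaping the whole line first would turn an escaped `\=` into a key/value boundary; the gap list is what a data-quality check against the CIM data model would surface before a correlation rule silently stops matching.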

What will make you successful

  • Bachelor's or Master's degree in Computer Science, Information Security or a similar relevant field (an additional 3 years of experience may substitute for a degree)
  • 5+ years of proven experience and technical skills in SIEM technologies for large environments (Splunk, ArcSight, Azure Sentinel), including log shippers, log formats and source data for SIEM analysis
  • Strong understanding of log collection, streaming, correlation and threat detection
  • Expertise with Windows, Linux and UNIX platforms (security or system administration)
  • Familiarity with REST APIs and syslog
  • Scripting and parser development (e.g. Python, regular expressions)
  • Proficiency in normalization to Common Event Format (CEF) and/or the Splunk Common Information Model (CIM)
  • Attention to detail, strong analytical skills and efficient problem solving
  • Effective communication at different levels of the organization, in English
  • Experience working in a global environment and with virtual teams

 
These would be a plus:

  • Knowledge of data streaming and message bus technologies (e.g. Cribl LogStream, Kafka, Azure Event Hubs)
  • Technical and security knowledge of at least one of the leading cloud platforms (e.g. Azure, AWS, GCP)
  • Experience with DevOps CI/CD pipelines, Git repositories and container technologies
  • Relevant technical and industry certifications (e.g. Splunk, ArcSight, Microsoft, SANS, ISC2)

 

We offer an attractive and dynamic international working environment with constant opportunities for development, reflecting our conviction that people are our most important asset. 
 

If you want to work in an international, multi-discipline team, believe you have the right profile and are looking for a development opportunity, apply now in English on our career website www.nestle.com/jobs