
SIEM Engineer - Security Operations Center

Esplugues Llobregat, B, ES, 08950

Position Snapshot

 

Location: Global IT Hub (Barcelona)
Full-time position

About IT in Nestlé


We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape and digital transformation of the FMCG industry. We work with leading technologies and solutions to enable Nestlé to engage with millions of consumers worldwide. We transform how we use data with machine learning and advanced analytics, and we introduce automation to drive Industry 4.0 opportunities in areas including supply chain and manufacturing.

Position Summary


In order to complete our Security and Compliance Department, we are currently looking for a Security Operations Center – SIEM Engineer.
 

In this position, you will perform design, management and configuration tasks related to the SIEM and data analytics platform, along with data feed on-boarding, capacity planning and content development. You will be part of a dedicated product team aiming to provide best-in-class cyber threat detection capabilities in order to improve Nestlé's business resilience along the Cyber Kill Chain. The successful candidate will work closely with other specialized security teams and solution owners to determine asset and threat coverage gaps based on standard threat modeling frameworks such as MITRE ATT&CK or OWASP. Together with external SOC services, you will also monitor infrastructure, applications and information flows to identify a potential cyber-attack or intrusion (event) and determine whether the cyber-attack is a real, malicious threat (incident) and whether it could have a business impact. Furthermore, you will define and create use cases and scenarios to address new threats and improve the security monitoring and alerting capabilities.

A day in the life of...

 

  • Definition, planning and implementation of SIEM and data analytics platform architecture changes
  • Integration of new business entities and IT solutions to the security monitoring infrastructure
  • Development of data feed collectors in order to integrate new technologies
  • Oversight of administrative operations performed by third party provider including operating system security hardening, backup management, capacity planning, version/patch management, and lifecycle upgrade management
  • Identification of security monitoring use cases based on the corporate risk management and threat modeling analysis
  • Design and implementation of SIEM content (e.g. searches, alerts, reports and dashboards) based on defined use cases
  • Maintain key relationships with both internal and external stakeholders.

What will make you successful

 

  • Bachelor's or Master's degree in Computer Science, Information Security or another similar relevant degree (an additional 3 years of experience may be substituted in lieu of a degree).
  • Minimum 2-3 years' experience in cyber security, including incident detection and response, as well as threat modeling
  • Experience and technical skills in SIEM technologies for large environments (ArcSight, Splunk, QRadar), and with log formats and source data for SIEM analysis
  • Technical and security knowledge of at least one of the leading Cloud platforms (e.g. AWS, Azure, GCP)
  • Solid expertise with Windows, Linux and UNIX platforms (security or system administration)
  • Security hardening skills including network, OS and applications layers
  • REST API and Syslog familiarity
  • Scripting and parsers development (e.g. Bash, PowerShell, Python)
  • Relevant technical and industry certifications are a plus, e.g. GIAC, OCSP, CEH certifications.
  • Strong problem solving and analytical skills
  • Excellent communication at different levels in the organization and in English.
  • Experience having worked in a global environment and with virtual teams.



We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from people who have the courage to challenge, who believe the only way of moving forward is by doing, and who look for solutions to improve the lives of our consumers.

If this is you and you want to make an impact globally, join us and there will be no limits to your career. #makeITpossible at Nestlé

 

 
