SIEM Security Consultant

Professional Services Toronto, Ontario


Description

Role Summary 

A SIEM Security Consultant is a subject matter expert with a focus on SIEM technologies. The role requires a detail-oriented professional who will provide senior-level SIEM support to our pre-sales team and deliver SIEM solutions to Herjavec Group customers in a timely manner.

The SIEM Security Consultant will be called upon to understand the customer requirements and recommend the appropriate SIEM solution to meet those requirements. The SIEM Security Consultant will support the SIEM solution with Architecture and Design documentation. This role will be an excellent position for an individual with strong technical, communication, and customer-facing skills.

Responsibilities

  • Understand customer requirements and recommend best-practice SIEM solutions
  • Offer consultative advice in security principles and best practices related to SIEM operations
  • Design and document a SIEM solution to meet the customer needs
  • Assist in the creation and verification of Statement of Work (SOW) documentation
  • Assist pre-sales with SIEM sizing, architecture, RFPs and client technical meetings
  • Deploy and configure the SIEM platform as per vendor guidelines and industry best practices
  • Provide the client with technical guidance to configure in-scope end log sources to log to the SIEM
  • Verify that log source data in the SIEM follows the Common Information Model (CIM)
  • Implement HG’s Alert Framework consisting of Dashboards, Reports and Alerts
  • Document the build of the SIEM solution
  • Transition the client from PS into HG’s Managed Services

Skills and Experience

  • College Diploma or University Degree in Information Security or equivalent work experience
  • Minimum 2 years' experience in a similar role
  • Experience with any two or more of the following SIEM products (in order of preference)
    • Splunk
    • IBM QRadar
    • McAfee ESM
    • Sumo Logic
    • RSA Security Analytics
    • HP ArcSight
  • SIEM vendor Administrator certification preferred
  • Herjavec will provide training and certification for the right candidate
  • Experience with and proficiency in UNIX/Linux and/or regular expressions
  • The following certifications would be considered an asset
    • CISSP
    • CISM
    • CompTIA Security+
    • CEH
    • GSEC

Technical understanding of the following:

  • UNIX, AIX & Solaris, Linux, Windows Server Operating Systems
  • Network/System Intrusion Detection or Prevention Systems (IDS/IPS)
  • Vulnerability scanner/Penetration testing systems
  • Firewalls
  • Security Operations Centre/Information Protection Centre/Computer Incident Response Centre
  • Wireless Networking
  • VPN Communication Protocols
  • Switches/Routers (basic configuration)
  • TCP/IP networking, VPN, VLAN, NAT and security concepts
  • Asset Management
  • Security threat and attack countermeasures
  • Ability to conduct in-depth forensic analytical studies and investigations
  • Familiar with PCI and SOX compliance

Non-Technical Skills:

  • Experience with customer-facing engagements
  • Ability to communicate clearly with the customer throughout the entire life cycle of the project
  • Strong troubleshooting, reasoning and problem-solving skills
  • Team player with the ability to work autonomously
  • A desire to strive for improvement in self and work environment