CASY-MSCCN Jobs

SIEM/SOC Specialist, Cybersecurity

General Information

Req #

WD00072366

Career area:

Information Technology

Country/Region:

Brazil

State:

São Paulo

City:

Sao Paulo

Date:

Thursday, October 17, 2024

Working time:

Full-time

Additional Locations :

• Brazil - São Paulo - São Paulo

• Brazil - São Paulo - Sao Paulo

Why Work at Lenovo

We are Lenovo. We do what we say. We own what we do. We WOW our customers.

Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY).

This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com , and read about the latest news via ourStoryHub (https://news.lenovo.com/) .

Description and Requirements

Primary Responsibilities

• Provide engineering, operation and enhancement of the SIEM, SOC platform tools and data collection and analysis systems.

• Develop, deploy, and tune tools content and reporting.

• Assist in the design, architecture and implementation of use cases, detection rules, integration and workflows automation

• Analyze existing use case catalogue and correlation rules implemented as well as automation workflows.

• Cooperate with the other team members in correlation searches development and testing.

• Prepare correlation search test, conduct test and document evidence from test that shows correlation search addresses scenario described in use case.

• Cooperate with log source onboarding project to assure correct log source onboarding and log mapping to data models according to SOC tools best practices.

• Responsible for the creation of procedures, runbooks, high-level/low-level documentation, implementation of processes and development of staff in relation to SOC tools detection logic.

• Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems and SOC tools.

Knowledge and skills

• 3+ years of hands-on SIEM experience.

• Direct experience with SOC tools engineering and data integration.

• Scripting and development skills in Python/Perl with deep comprehension of regular expressions.

• General networking and security knowledge.

• Experience with building intricate searches from disparate data sources and joining them together

• Versed in building threat detections (correlation rules) using security logs to detect malicious activity with high fidelity

• Knowledge of security logging for Linux, Windows, major EDRs, Firewalls, & Active Directory

• The ability to aggregate and analyze logs from various deployed security devices.

• Familiarity with DevOps and cloud computer service providers (AWS / Azure)

Additional Locations :

• Brazil - São Paulo - São Paulo

• Brazil - São Paulo - Sao Paulo

• Brazil

• Brazil - São Paulo

• Brazil - São Paulo - São Paulo , * Brazil - São Paulo - Sao Paulo