Siem Engineer

Rockwell Automation is a global technology leader focused on helping the world s manufacturers be more productive sustainable and agile With more than 28 000 employees who make the world better every day we know we have something special Behind our customers - amazing companies that help feed the world provide life-saving medicine on a global scale and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better We welcome all makers forward thinkers and problem solvers who are looking for a place to do their best work And if that s you we would love to have you join us Job Summary In this role you will be an integral part of the IT organization The candidate need to have a demonstrated understanding of Information Security Computer Networking the Software Development Life Cycle SDLC and an extensive experience in interacting with customers Candidate must have Security Information and Event Management SIEM expertise and be willing to get trained on the company platform and products You will report to the Cyber Security Manager Your Responsibilities This is a technical hands-on role to focus on maintaining the SIEM platform working with team members and stakeholders as well as training and enabling teams for successful adoption of the SIEM platform Manage platform agent and appadd-on log source integration upgrades Develop alerts reports data models dashboards and connectors to support custom user requirements Recognise patterns and inconsistencies that could indicate complex cyber-attacks Develop SIEM correlation rules to detect new threats beyond current capabilities Assist with designing and documenting work processes Perform log file analysis as and when required Develop recommendations in collaboration with other team members to maximise Enterprise capabilities in prevention detection analysis containment eradication and recovery from cyber-attacks Contribute to CTI Cyber Threat Intelligence data gathering reporting and analysis activities Leverage automation and orchestration solutions to automate repetitive tasks Research and explore new avenues to by using the latest technologies and cybersecurity standards The Essentials - You Will Have Bachelor s degree in cyber security Computer Science Information Systems Software Engineering Computer Engineering or related field or equivalent work experience Typically requires a minimum of 6 years of experience in the Information Security field 1 years of experience in SIEM and UEBA solutions such as Splunk LogRhythm and Elastic Understanding of log collection methodologies and aggregation techniques such as Syslog NXlog and Windows Event Forwarding Working knowledge of cloud platforms such as AWS Azure and GCP The Preferred - You Might Also Have Strong knowledge of at least one programming or scripting language ex Python PowerShell PHP Perl is preferrable Understanding of security models and frameworks ex MITRE ATT CK MITRE D3FEND Cyber Kill Chain CKC Demonstrated experience providing customer-driven solutions or service Ability to communicate effectively with all levels of an organisation from Engineering Operations to C-level audiences Security certifications Security GSEC GCIH GCIA CISSP NCSF etc will be an added advantage Sentinel and Datalake experience are preferrable Familiar with Risk-based Alerting RBA frameworks and implementation Experienced in architecting planning deploying and using SIEM or UEBA platforms Experienced in integrating or using endpoint security and host-based intrusion detection solutions Extensive knowledge and understanding of directory services Demonstrated experience in one of the following fields Cyber Threat Intelligence Incident Response or Computer Forensics is preferrable Having solid knowledge of one or more programming or scripting language such as Python PowerShell PHP and Perl is preferrable What We Offer Our benefits package includes Comprehensive mindfulness programmes with a premium membership to Calm Volunteer Paid Time off available after 6 months of employment for eligible employees Company volunteer and donation matching programme - Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation Employee Assistance Program Personalised wellbeing programmes through our OnTrack programme On-demand digital course library for professional development and other local benefits At Rockwell Automation we are dedicated to building a diverse inclusive and authentic workplace so if you re excited about this role but your experience doesn t align perfectly with every qualification in the job description we encourage you to apply anyway You may be just the right person for this or other roles LI-Hybrid LI-RS1 Rockwell Automation s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays Tuesdays and Thursdays unless they have a business obligation out of the office