Cyber Defence - SIEM Content Development Specialist - VOIS

Vodafone

Bangalore, India
On-site

Job Summary

  • Design, develop and fine-tune detection rules and use cases across existing and new SIEM platforms, with a strong focus on Elastic (ELK) and other leading SIEM technologies.
  • Analyse attacker behaviour, threat intelligence, MITRE ATT&CK techniques and adversary tooling to create indicator-based and behavioural detections.
  • The opportunity to work at the heart of Vodafone’s global cyber defence capability, protecting customers and critical services at scale.

Skills & Requirements

Must-have

  • SIEM content development
  • Elastic (ELK) SIEM
  • Threat intelligence analysis
  • MITRE ATT&CK techniques
  • Security detection logic
  • Log source telemetry analysis

Nice-to-have

  • Agile practices
  • Secure software development lifecycle
  • Continuous improvement
  • Collaboration and communication

Key Requirements

  • SOC operations experience
  • SIEM content development experience
  • Threat hunting experience
  • Security engineering experience
  • Experience with Elastic/ELK
  • Experience with cloud and endpoint telemetry
  • Programming or scripting experience
  • Regular expression development capability

Work Rights

Not specified