SIEM Administrator (Security Information and Event Management)                                                 

Are you ready to take the journey with us?

EBC invites you to join the ride with us, EBC is the payments technology and infrastructure company connecting consumers, businesses, merchants, financial institutions and the state in Egypt to enable seamless payment experience.

Harnessing technology, fueling innovation and fostering collaboration within the payment ecosystem, EBC provides more individuals and businesses domestically with an access to useful and affordable financial services and payment possibilities.

EBC is well positioned at the heart of the national payment system. With continued support by its shareholders, including the CBE and leading bank in EGYPT, EBC leverages every potential to accelerate adoption of electronic payment and fast track the national transformation into a cashless society.

Job Responsibilities:

• Maintaining SIEM platform stability and health and providing regular and clear communication to the relevant stakeholders
• Monitoring system capacity to ensure that the platform does not encounter resource issues
• Develop advanced SIEM correlation rules, reports and dashboards to detect emerging threats
• Manage, develop and tune the scripts that integrate SIEM
• Create technical documentation around the content deployed to the SIEM
• Monitor the impact of deploying new content to the health and performance of the SIEM
• Lead logging enrollments from multi-tier applications into the enterprise logging platforms
• Develop specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow
• Develops advanced scripts for manipulation of multiple data repositories to support analyst requirements
• Diagnosing and resolving incidents related to the platform
• Resolving any platform issues that may occur within SLA and ensuring that service impact is minimal
• Assessing the impact of all changes that come through in relation to the platform
• Identifying proactive measures to improve performance.
• Responsible for enabling new SIEM alarms from inception, through to tuning
• Regularly checking that alarms within SIEM platform are working through regular testing
• Proactively and reactively tuning alarms and log sources for all clients on the platform
• On-boarding new clients from passed from deployment to ‘business as usual’
• Overseeing upgrades and changes on the SIEM platform

Job Requirements:

• BSc degree (Engineering or Computer science or Information Systems) from reputable and well known university.
• 3-5 Years of experience
• Experience of developing and improving services in a rapidly changing and expanding environment
• Knowledge of SIEM technologies and security tooling Preferable Qradar SIEM.
• Excellent understanding and proven hands-on experience in SIEM concepts such as correlation, aggregation, normalization, and parsing
• Experience with deploying and managing a large SIEM deployment
• Excellent understanding of enterprise logging standards, with a focus on application logging
• Knowledge of security technologies including: Firewall, IDS/IPS/HIDS, Anti-Virus, Vulnerability Scanning
• UNIX OS Administration
• TCP/IP (possesses fundamentals such as the various OSI layers), Routing protocols and technologies
• Security technologies and best practices
• Windows/Unix-specific networking
• Critical thinker and problem solver
• Excellent organizational and time management skills