About this role
SUMMARY OF ROLE AND OBJECTIVES:
Security Integrations, Engagement & Metrics is the bridge between GSC Information Security and our stakeholders (RISOs, ITISCs, Business), ensuring service excellence in the delivery of our security services. The team drives strategic security initiatives and fosters continuous improvement to protect critical business assets and enable confident growth.

The Information Security Consultant – Security Integrations is responsible for the roadmap, design, product ownership and vendor management for the concerned SOC tools. This includes strategic project consultancy and implementation, as well as L3 support and automations.

From an operational perspective, the Information Security Consultant – Security Integrations is accountable for the configuration, successful deployment and daily operations of the security tool(s) in his/her scope.

ROLE & OBJECTIVES:
Specific Assignments:
The main responsibilities of an Information Security Consultant – Security Integrations are:
- Act as the subject matter expert for the Eurofins in-scope SIEM/Log Management/SOAR solution
- Ensure operational stability and performance of the in-scope SIEM/Log Management/SOAR solution
- Document and maintain the SIEM/Log Management/SOAR solution
- Monitor and recommend improvements for any of the in-scope solutions
- Ensure operations are run correctly by preparing relevant trainings and SOPs for the staff
- Provide L3 technical support to our customers
- Analyse, troubleshoot, and remediate issues with the SIEM, Log Management or SOAR solution
- Engage external tools/service providers to troubleshoot complex issues

Other Assignments:
- Incorporate change and patch management for the in-scope solution
- Provide support to manage SIEM/Log Management/SOAR components, parsing/normalization of logs, rule engine, log storage, source device, log collection and event monitoring
- Build and maintain client relationships both internally and externally
- Support the Security Group in day-to-day activities
- Provide expert level project consultancy

Minimum of 6 years of operational experience in a Security or Security oriented IT role (cybersecurity, IT Operations etc.)

Required
- Solid experience in deploying, managing or operating large scale SIEM or log management solution(s)
- Good practical experience in debugging Linux/Windows based operating systems
- Solid understanding of:
  - Cloud technologies and concepts
  - Security threats and attack vectors
  - Log management concepts
  - The workings of networking technologies, firewalls, proxies etc.
- Ability to understand large scale and complex IT infrastructures
- Practical experience with Azure/AWS enterprise environments
- Practical experience with observability platforms
- Ability to document processes and procedures

Appreciated
- Experience in security incident detection and management
- Experience managing DNS and web filtering/proxy
- Knowledge of the MITRE ATT&CK / D3FEND framework
- Knowledge of SOC2/NIST/ISO27001
- Project coordination or structural follow up/action tracking experience

Personal profile
- Very good English communication skills (concise writing and orally convincing)
- Very good interpersonal relation skills at all levels of the organization
- Ability to translate technical requirements to non-technical people
- Ability to work in a complex international environment
- Eager to learn and continuously develop personal and technical capabilities

Education required:
M.Sc. or comparable education in Information Technology or Information Security.

Languages: fluent English (B2/C1). Professional working proficiency in English is a requirement, including the ability to read, write and speak in English.
