Career Opportunities: SIEM Administrator (61369)
Req ID 61369 - Posted 11/24/2014 - Information Technology - Bell Corporate
Bell is a truly Canadian company with over 134 years of success. We are defined by the passion of our team members and their belief in our company’s vast potential.
To ensure we continue to be recognized as Canada’s leading communications company, we’re committed to finding and developing the next generation of leaders. This means creating best-in-class career and development opportunities for our employees.
If you’re passionate, driven and find yourself seeking interesting work, new challenges and continuous learning opportunities, then we want you to join our team.
Bell Business Markets provides a vast array of communications solutions for small, medium, and large organizations. These include managed data and network solutions, cloud computing, conferencing, Web, security solutions and integrated information and communications technology (ICT) services.
Position Description:
The SIEM Administrator is part of a team of technical professionals that works within a protected Security Operations Centre (SOC) in downtown Ottawa to deliver managed security services. In particular, the SIEM Administrator works on a variety of current and future customer contracts to define and develop the security information and event management requirements and the security operational processes to support the SIEM solution. The SIEM Administrator must have a broad understanding of the entire spectrum of managed security services that the SOC offers to its customers, and a deep understanding of the unique operational and contractual performance requirements of each individual customer. The SIEM Administrator must have, and must maintain, thorough knowledge of both technical and operational network security best practices for a wide variety of technology platforms and security services that the SOC supports. The SIEM Administrator will act as a point of escalation for technical issues that may occur during off hours. Mentoring and training Security Analysts may be required. A high level of customer interaction is expected of the SIEM Administrator; therefore, top-notch communication skills (both verbal and written) are essential.
Job Duties/Accountabilities:
The successful candidate will be accountable for the following:
* Act as a subject matter expert for SIEM solutions that offer enterprise class log collection, aggregation, and correlation capabilities for a wide variety of platforms
* SIEM ArcSight SmartConnector, ESM and Logger installation, configuration and maintenance
* Plan, design and develop content rules for SIEM solutions, including documenting detailed use cases, event response workflows, architecture diagrams, sizing guidelines, and customized reports for existing clients and potential new clients
* Provide guidance toward integration of threat feeds into the SOC
* Analyze clients’ requirements and assess impacts of those requirements
* Work in close cooperation with clients to identify and recommend changes to their existing managed SIEM solution
* Research and validate technical SIEM requirements and draw up network diagrams and data flows to support solutions
* Defining customer requirements with a focus on Security Information and Event Management (SIEM) solutions at an Enterprise level
* Developing detailed SIEM content and use cases, performing requirements analysis and producing design documents including functional and technical specifications
* Participating in the implementation of SIEM Solutions meeting customer requirements
* Providing technical support services to develop and maintain integrated SIEM solutions
* Determining monitoring requirements designs and specifications for each customer’s needs
* Configuring and validating SIEM connections, testing use cases and identifying security gaps
* Contributing to continuous growth of the security solutions practice through mentorship, identification of new opportunities and development of SIEM solutions
Critical Qualifications/Competencies:
* Completion of University or College program related to networking/IT Security or at least 5 years' experience working with SIEM solutions
* Working knowledge of SIEM solutions (preferably HP ArcSight) – formal and hands-on training will be provided by Bell to increase knowledge and skills to the necessary level
* Solid working knowledge of syslog and SNMP
* Excellent communication, presentation and relationship skills, especially the ability to articulate advanced technical topics and build consensus among business and technical constituents
* Ability to translate complex and ambiguous requirements into actionable SIEM components
* Ability to lead less experienced analysts through a solution
* Holds a vendor or industry professional-level certification in at least one network or security discipline
* SECRET security clearance required (or ability to attain one)
* Bilingualism would be an asset, but is not required
Additional Information:
Position Type: Management
Position Level: CP2
Job Location: Canada : Ontario : Ottawa
Application Deadline: 12/15/2014
Please apply directly online to be considered for this role. Applications through email will not be accepted.
Bell is committed to fostering an inclusive, equitable, and accessible environment where all employees and customers feel valued, respected, and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live and serve, and where every team member has the opportunity to reach their full potential.
Created: Canada, Ontario, Ottawa