Introduction
Claire Joster is currently recruiting for a reference client in the Financial Services area, which intends to strengthen its internal structure with the integration of a Tech Lead SIEM Operations Engineer (m/f).
Role
· Operating and maintaining the current on-premises SIEM platform, including system updates, configuration changes, and hardware service coordination (remotely)
· Performing regular patching and vulnerability mitigation for SIEM infrastructure and auxiliary systems
· Monitoring and maintaining backup systems and updating detection rules to ensure operational continuity
· Supporting and maintaining auxiliary systems such as Git servers, rsyslog servers, and other Linux-based services
· Participating in on-call duty rotations to ensure 24/7 operational support
· Managing approximately 23,000 log sources:
– Ensuring all log sources are active and sending correct data
– Adding new log sources and decommissioning inactive ones
· Verifying data parsing and normalization
· Performing capacity planning and lifecycle management of all components
· Analyzing, optimizing, and developing scripts in Python, Bash, or Perl to automate and enhance operations
· Maintaining and improving protocol standards for logging:
– Defining what should be logged
– Testing and rolling out updated standards across the environment
· Coordinating daily operational activities within the SIEM team to ensure smooth execution of tasks and alignment with service expectations
· Acting as a technical escalation point and mentoring junior and mid-level engineers to support their development and ensure knowledge transfer
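The log source management duties above (confirming every inventoried source is still sending, catching unknown senders, and verifying that events parse into the expected fields) are the kind of check a SIEM operations team typically automates. The following Python is an added illustration, not code from the posting, the client, or any named SIEM product: the inventory, the expected-gap values, the required-field list and the sample events are all constructed for the example, and a real deployment would load the inventory from its asset register and the events from the SIEM's API instead.

```python
"""Log source health check (added example; all data below is constructed)."""
from datetime import datetime, timedelta, timezone

# Constructed inventory: source hostname -> maximum expected gap between events.
# A real deployment would load this from the asset register or SIEM (assumption).
INVENTORY = {
    "fw-edge-01": timedelta(minutes=5),
    "dc-01": timedelta(minutes=15),
    "vpn-gw-01": timedelta(minutes=5),
    "db-prod-02": timedelta(hours=1),
}

# Fields every normalized event must carry (constructed logging standard).
REQUIRED_FIELDS = ("ts", "host", "event")

# Constructed sample of normalized events as a SIEM might expose them.
NOW = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)
EVENTS = [
    {"ts": NOW - timedelta(minutes=1), "host": "fw-edge-01", "event": "deny"},
    {"ts": NOW - timedelta(minutes=40), "host": "dc-01", "event": "logon"},
    {"ts": NOW - timedelta(minutes=2), "host": "vpn-gw-01"},                 # 'event' missing
    {"ts": NOW - timedelta(minutes=3), "host": "rogue-host", "event": "x"},  # not inventoried
]


def last_seen(events):
    """Newest timestamp observed per host; events without host or ts are ignored."""
    seen = {}
    for e in events:
        host, ts = e.get("host"), e.get("ts")
        if host is None or ts is None:
            continue
        if host not in seen or ts > seen[host]:
            seen[host] = ts
    return seen


def silent_sources(inventory, events, now, slack=2.0):
    """Inventoried sources that never reported (value None) or whose newest
    event is older than slack * expected gap (value = age of newest event).
    The slack factor absorbs normal jitter so one late batch does not page."""
    seen = last_seen(events)
    silent = {}
    for host, gap in inventory.items():
        if host not in seen:
            silent[host] = None
        elif now - seen[host] > gap * slack:
            silent[host] = now - seen[host]
    return silent


def unknown_sources(inventory, events):
    """Hosts sending events that are not in the inventory: either a source
    that was onboarded without registration or an unexpected sender."""
    return sorted({e["host"] for e in events if "host" in e and e["host"] not in inventory})


def malformed_events(events, required=REQUIRED_FIELDS):
    """Events that did not normalize into the required fields (parser regression
    on the source or a format change upstream)."""
    return [e for e in events if any(field not in e for field in required)]


def health_report(inventory=INVENTORY, events=EVENTS, now=NOW):
    """Bundle the three checks into one dict suitable for a ticket or dashboard."""
    return {
        "silent": silent_sources(inventory, events, now),
        "unknown": unknown_sources(inventory, events),
        "malformed": malformed_events(events),
    }


if __name__ == "__main__":
    for key, value in health_report().items():
        print(f"{key}: {value}")
```

Run as a script it reports dc-01 as silent (40 minutes without events against a 15-minute expectation), db-prod-02 as never seen, rogue-host as an uninventoried sender, and the vpn-gw-01 event as malformed. In practice the same three checks would run on a schedule against the SIEM's source statistics, with the thresholds tuned per source class rather than a single slack factor.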
Requirements
· Strong hands-on experience with SIEM platform administration and log source management (e.g., Splunk, Elastic, IBM QRadar)
· Proficient in Linux system administration and scripting (Python, Bash)
· Experience with automation tools and CI/CD pipelines
· Exposure to Git and centralized logging systems like rsyslog
· Comfortable working in a high-availability, security-focused environment
· Analytical mindset with strong problem-solving skills
· Excellent communication skills and a proactive, team-oriented attitude
· ITIL certification or equivalent qualification (foundational knowledge of IT service management)
· Certification in at least one SIEM platform (e.g., Splunk, Elastic, IBM QRadar) – [Mandatory]
· LPIC-2 (Linux Professional Institute Certification, Level 2) or Red Hat Certified Engineer (RHCE) – [Recommended]
· Cisco Certified Network Associate (CCNA) or equivalent entry-level networking certification – [Recommended]
Offer
- Long-term contract;
- Competitive package including private health insurance, life insurance and meal allowance (paid via meal card);
- Bonuses and benefits depending on performance;
- Schooling allowance and pension scheme;
- Opportunity to work on an international project and be part of a multicultural and multidisciplinary team.