Senior Security Engineer with ArcSight

We are SIEM, Security Information and Event Management.

We are responsible form implementations and maintenance of the SIEM infrastructures for internal and external Customers. We need to ensure constant security monitoring of IT critical assets and correlation of Security Events. We are working with multi-vendor platforms.

Job which allow you to know advanced SIEM technologies. You will be responsible for ensure proper log collection from many types of servers. It will help you to manage the powerful application to understand and analyze all the data. Any wrong user behavior/pattern will be monitored and notified. Moreover, we collect and manage PB (peta bytes) of data and a thousand of alerts. Our portfolio and our team are getting bigger and bigger each year, thus new technologies and challenges make this job interesting. You have a chance to become a member of Security Information and Event Management(SIEM) team, which is a part of Big Data and Security(BDS) division.

Your main duties will consist of:

• Arrangements of connectivity/storage/equipment for purposes of SIEM environments,
• Implementing security monitoring rules in a SIEM tooling, according to the business needs,
• You can help with creation of high level and low-level design of SIEM infrastructure,
• Furthermore, building SIEM infrastructure for new customers during onboarding projects,
• Creation of high level and low-level design of SIEM infrastructure,
• Reporting progress of above tasks to Project Managers.

1. If you have two of the following – apply, if more than two - you MUST apply:

• Linux knowledge (at least be familiar with management on CLI level, Rsyslog, network interface management, storage management) - must have
• Minimum one experience as ArcSight SIEM administrator - must have
• Experience in Linux administration and networking troubleshooting,
• General Security knowledge,
• Understanding of security monitoring and identification concepts,
• Knowledge and demonstrable experience of Installing, Administrating, Configuring ArcSight SIEM,
• Understanding of Project Management concepts.

2. Things we are looking for :

This is not a list of requirements but rather a combined checklist of our team’s soft skills so if you’re able to cover couple of these then it means you’re looking at the right job description:

• Ability to work well in an international team,
• Methodical and disciplined approach to work,
• Good analytical skills,
• Good interpersonal skills,
• Experience in working with customers,
• English spoken and written on at least B2 Level

• Full-time contract of employment,
• Toolset: - Ticketing tools (SDM, ServiceNow) - SIEM applications: Mcafee ESM, Sentinel - Linux (Redhat, SuSE - SLES, Debian, Ubuntu) - Scripting in Perl, Python, Bash - VMware ESXi Remote work: 1 day per week, optionally we may agree for more (remote work possibility after a probation period),
• Work hours: 08:00-16:00 and 10:00-18:00,
• On call duty: yes (optionally after a probation period) - rotating between team members,
• Location: Bydgoszcz, Kraszewskiego 1 street, Business Park,
• Employee performance review: every half year,
• Flexible workplace environment,
• Support form colleagues: every new employee is assigned to more experienced one who is called “a buddy”. A buddy it is not only a teacher, this is a person who inspires you and from whom you can “steal” job know-how.
• In cheerful atmosphere, in goal oriented teams, with focus on tasks that have meaning for us, for our clients and for future Cyber Security landscape. Curious? - have a look.