Bangalore
29 days ago
Platform Analyst II - Cyber Security

Role Proficiency:

Provide support across SIEM or EDR technologies for global customers and ensure that the platforms are functioning as expected. Conduct checks and perform basic triage for global customers under minimal supervision and guidance of senior team members.

Outcomes:

Conduct health checks for a single or multiple platform types following guidance. Escalate issues observed. Forward to a senior team member for review to ensure proper visibility of issues before they become incidents. Where appropriate, assist with service requests for platform types, such as access requests, to ensure optimal delivery for internal and external stakeholders. Participate in maintenance activities to help with improving understanding of the architecture of platforms supported as well as self-awareness, building proficiency for supported toolsets. Develop skills around the cyber security methodologies and requirements for the various platform technologies which are being supported, providing efficient customer service. Follow relevant in-life processes, tracking any escalation pipelines and pathways required to ensure consistency of application provided to the customer.

Measures of Outcomes:

• Percent of adherence to processes and methodologies
  a. Percent of adherence to SLAs for in-life ticketing processes
  b. Percent of adherence to workflows and the completeness of audit trails for any activities
• Productivity score maintained
  a. Number of issues identified early to pinpoint problems with delivering tasks or workload.
  b. Number of issues with effective evidence provided for escalations during triage.
• Number of relevant skill-related training and development activities undertaken; evidenced by certification.

Outputs Expected:

Platform Health Monitoring:

• Support service requests and first-level incident support.
• Proactive identification of issues with behavioural analysis/patterns identified.
• Conduct daily and regular occurring service tasks with minimal supervision to ensure daily operation of the platform supported.


Customer Focus:

• Ensure customer-specific processes are being followed and adhered to at all times.
• Undertake mandatory and proactive learning and development opportunities.

Skill Examples:

• Good communication skills
• Ability to work as part of a team
• Ability to understand basic computing technologies
• Aptitude in working with a/multiple SIEM or EDR technologies
• Capable in working as part of a shift
• Ability to work with querying data and the role of a SIEM/EDR
• Ability to demonstrate analytical skills working across multiple technologies and customers

Knowledge Examples:

• Knowledge of Security Operations and Incident Management
• Knowledge of IT infrastructure and basic networking concepts
• Knowledge of a query language / regular expressions
• Understanding of ISMS
• Desirable: Certifications in IT infrastructure / SIEM / EDR / Ethical Hacking

Additional Comments:

Cybersecurity Expert / SIEM Engineer

CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively. CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.

We are looking for a highly skilled SIEM Engineer / Use Case Management Expert with specialized experience in OT threat mitigation to join us and become a member of our global Security Operations Team.

Main Tasks and Accountabilities:

• Understand customer requirements and recommend best practices related to SIEM operations.
• Identify, develop, and document SIEM use cases, rules, correlations, dashboards for IT & OT environments, addressing emerging threats and customer needs.
• Integrate new data sources and tune to work with existing use cases and ing.
• Collaborate with cross-functional teams to integrate and test use cases in the SIEM.
• Continuously assess and enhance use cases based on evolving threat landscapes and OT operational requirements.
• Serve as a subject matter expert in SIEM technologies and content development.
• Stay abreast of the latest cybersecurity technologies and practices in IT & OT environments.
• Maintain comprehensive documentation for SIEM configurations, use cases, and OT incident response procedures.

Mandatory Requirements:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• At least 4+ years of experience in SIEM engineering, cybersecurity, or a related role.
• Proficiency with SIEM tools such as Sentinel, Splunk, QRadar, Chronicle, or similar platforms, query languages (e.g., AQL, SPL, KQL), and understanding of network security and threat intelligence.
• Strong understanding of IT & OT security principles, industrial control systems (ICS), and SCADA systems.
• Experience in developing and managing security use cases and playbooks for OT environments.
• Excellent analytical and problem-solving skills.
• Strong communication and collaboration skills.
• Ability to work independently; self-starter/self-motivated.

Preferred Requirements:

• Experience with Google Chronicle SIEM & SecOps SOAR platform or Siemplify.
• Experience working with API, webhooks and custom queries to ingest data.
• Relevant certifications such as GICSP, CISSP, CISM, CEH, or similar.
• Experience with OT protocols such as Modbus, DNP3, and IEC 60870-5-104.
• Azure DevOps experience.
