Log Source Onboarding and SIEM Platform & Process Improvement.

Consult and steer onboarding of log sources and strategic infrastructure components to a central big data log management and SIEM (Security Information & Event Management) platform predominantly based on The Elastic Stack (ELK).

Guide internal customers and group affiliates through compliance guidelines, and lead their onboarding process through all stages, in particular: initial analysis, implement log shipping, develop log parsing, conduct stakeholder workshops on reports/visualizations, implement monitoring dashboards, develop & improve generic and customer-specific incident/response playbooks.

Further, align platform SLA with all relevant stakeholders esp. from IT Service Management to ensure proper fit into existing SM frameworks and agreements.

Continuous architectural and operational improvement of the log management platform in an agile, DevOps driven environment, and in close contact with the company SOC (Security Operations Center).

Industry

Insurance

Roles

Senior Business Analyst, Systems Engineer

Technologies a.o.

Elasticsearch, Logstash, Kibana, Apache Kafka, Apache NiFi