Senior Information Security Engineer

Job Title:Senior Information Security Engineer Overview:OverviewMastercard's Vocalink Security Monitoring Engineering (SME) team is looking for a Senior Information Security Engineer to manage SIEM content, to monitor and detect cyber security threats & incidents. The ideal candidate is highly motivated, intellectually curious and analytical. The role requires a blend of cybersecurity experience and highly developed communication skills. The purpose of this role is to enhance security monitoring tooling, detections and incident response capabilities using SIEM solutions to provide a single view of the environment. A good working knowledge of Splunk SPL is essential for this role.In this role, you will:• Work closely with the Security Operations Center (SOC), Security Engineering, Application and Cloud support teams to improve existing security monitoring and deliver resilient and comprehensive security solutions• Onboard data to the required standards, maintain and tune log sources, data contents, and use cases• Provide evidence of compliance for our audited environments (including PCI, ISO27001, & ISAE3000)• Define how logs should be parsed and ingested for best practice• Engage with other teams to ensure that the SIEM is performing to standard with all necessary logging sources monitored• Analyse, design and deliver solutions to detect and stop adversaries• Propose additional Security Monitoring Use Cases• Define thresholds and baselines to aggregate similar events then write correlation rules• Ensure SIEM technologies are integrated & utilised to protect cyber related assets• Support the operation of the comprehensive SIEM platform• Analyse SOC alerts statistics and workflows to reduce false positives and increase fidelity.• Manage and improve SIEM infrastructure to improve detection flexibility and reliability.• Build pipelines to enrich logs and alert results to provide a comprehensive view for SOC analysts.• Research new security technologies and their applications to SIEM, SOAR, and cloud environments• Work with project teams to scope and deliver security related solutions• Support relationships with 3rd party vendors to enhance monitoring• Contribute to requirements for other security (and allied) technologies such as Endpoint/Network Detection & Response, Intrusion Detection/Prevention, Web Proxies etcAll About You • Senior level experience within a logging and monitoring function, with functional knowledge of a Security Operations Centre, preferably within a Regulated Financial Services business• Familiar with different log onboarding techniques in Splunk including syslog, HTTP event, Universal Forwarder, DB Connect and API queries• Has ability to write SPL and use and populate data models• Previous experience in an audited environment complying with common regulation standards• Experience with other common Security Monitoring technologies• Ability to understand technical analysis that demonstrates the effectiveness of security enforcing technologies• Knowledge of global security and reporting standards such as NIST and MITRE • Common Cloud based platform technology experience is beneficial• Delivery mind-set supported by ability to execute in a complex technical environment • Experience collaborating cross-functionally to identify and implement best practice security, logging and monitoring processes • Strong interpersonal skills, including good communication with the ability to articulate ideas in a precise and concise manner• CISSP, GIAC certifications or equivalent• Familiarity with Indicators of Compromise (IoCs), Indicators of Attack (IoAs), ATT&CK Tools, Techniques and Procedures (TTPs)• The Ideal candidate is a technically inclined and experienced security specialist who enjoys working in a fast-paced collaborative team environment• Strong interpersonal skills, including good communication with the ability to articulate ideas in a precise and concise manner• The ideal candidate is a technically inclined and experienced security specialist who enjoys working in a fast-paced collaborative team environment• Flexible to provide on-call support 24/7 in the future if required• Ability to obtain SC clearance• Able to visit the office regularly (Dunstable or London)
#J-18808-Ljbffr