Information Security Consultant (SIEM)

Company Description

About Eurofins

Eurofins Scientific is an international life sciences company, providing a unique range of analytical testing services to clients across multiple industries, to make life and the environment safer, healthier and more sustainable. From the food you eat to the medicines you rely on, Eurofins works with the biggest companies in the world to ensure the products they supply are safe, their ingredients are authentic and labelling is accurate. Eurofins is a global leader in food, environmental, pharmaceutical and cosmetic product testing and in agroscience CRO services. It is also one of the global independent market leaders in certain testing and laboratory services for genomics, discovery pharmacology, forensics, CDMO, advanced material sciences and in the support of clinical studies.

In over just 30 years, Eurofins has grown from one laboratory in Nantes, France to 58,000 staff across a network of over 1,000 independent companies in 54 countries, operating 900 laboratories. Performing over 450 million tests every year, Eurofins offers a portfolio of over 200,000 analytical methods to evaluate the safety, identity, composition, authenticity, origin, traceability and purity of biological substances and products, as well as providing innovative clinical diagnostic testing services, as one of the leading global emerging players in specialised clinical diagnostics testing.

Eurofins is one of the fastest growing listed European companies with a listing on the French stock exchange since 1997. In FY 2021, Eurofins achieved a record revenue of over EUR 6.7 billion.

Eurofins IT Solutions India Pvt Ltd (EITSI) is a fully owned subsidiary of Eurofins and functions as a Global Software Delivery Center exclusively catering to Eurofins Global IT business needs. The code shipped out of EITSI impacts the global network of Eurofins labs and services.

The primary focus at EITSI is to develop the next generation LIMS (Lab Information Management system), Customer portals, e-commerce solutions, ERP/CRM system, Mobile Apps & other B2B platforms for various Eurofins Laboratories and businesses. Young and dynamic, we have a rich culture and we offer fulfilling careers.

Job Description

• Connect, configure, and standardize new log sources to the Eurofins SIEM solution.
• Develop, implement, tune and asses new and existing rules.
• Experience in managing XSOAR solution (troubleshooting and content developing).      
• Understanding of Cortex architecture.
• Support the Eurofins SIEM solution to enable real-time security monitoring.
• Provide guidance for the Eurofins SIEM solution and for detection rules around Applications and Cloud solutions (e.g., PaaS services, but also IaaS Security Monitoring).
• Work with other IT teams to continuously integrate various logging sources with the SIEM.
• Develop and upgrade dashboards, channels, filters, rule engine set-up, reports, and integrations to the information security incident process.
• Monitor and recommend improvements based on events or incidents of apparent security breaches detected by SIEM in areas including networks, applications, databases, systems, and endpoints.

Other Assignments:

• Creation of reports on the status of the SIEM to include metrics on items such as number of logging sources, log collection rate etc.
• Incorporate change and patch management into the SIEM system.
• Provide support to manage SIEM components, IDS/IPS, parsing/normalization of logs, rule engine, log storage, source device, log collection and event monitoring

 ADDITIONAL DETAILS ON ROLES & OBJECTIVES: 

• Strong analytical and problem-solving capabilities.
• Prepare SIEM correlation schemes.
• Collaboration: skill to leverage others.
• Flexibility to adjust to various demands, changing priorities and ambiguity. 

EXPERIENCE REQUIRED:

Minimum of 4-10 years of professional consulting or enterprise experience as:

• SIEM Admin (preferably Qradar)
• XSOAR (preferably Cortex)
• Python
• Java script
• Cyber-security Analyst.
• Network Security Specialist.

Required

• Experience with end-to-end deployment of a SIEM solution to a greenfield environment.
• Experience with cyber intelligence / SIEM platforms (preferably QRadar but also alternatively Darktrace, ArcSight, Splunk or similar).
• Good experience in debugging security operation center systems, application, and network problems.
• Ability to document processes and procedures.
• Knowledge of the MITRE ATT&CK / D3FEND framework and respective adversary tactics.
• Solid working knowledge of networking technology and firewalls, proxies, the OSI Model, protocols, and standards.

Appreciated

• Experience in performing infrastructure support at an enterprise level.
• Ability to demonstrate strong knowledge of computer security concepts.
• Experience with information security devices (e.g., firewalls, intrusion detection/prevention systems).
• Project coordination or structural follow up/action tracking experience.

Personal profile

• Very good English communication skills (concise writing and orally convincing).
• Very good interpersonal relation skills.
• Ability to work in a complex international environment.
• Eager to learn and continuously develop personal and technical capabilities.

ADDITIONAL QUALIFICATIONS AND EXPERIENCE REQUIRED:

Required:

• Able to write well-structured and comprehensive documents.
• Able to analyze complex network architecture
• Translate technical risks into risks for business processes.
• Able to assess different platforms and IT Systems.

Appreciated:

• English native speaker.

Beneficiary:

• Information security certifications such as CISM, CRISC, CISSP.

PREFERRED PERSONALITY PROFILE:

• Analytical: Analyze business requirements and align them with security policies
• Innovative: Create ideas within the set context and framework.
• Deliver: Able to make ideas happen.
• Structured: Well-structured work style.
• Empathy: Understand the conditions under which other departments are working.

Additional Information

Personal Qualities:

· Excellent analytical and problem solving skills

· Excellent verbal and written communication skills

· Successful teamwork experience and demonstrated leadership abilities are required

· Proven ability to transfer knowledge and stay aware of current trends and technical advancements

· Ability to articulate and present different points-of-views on various technologies