Cyber Security Engineering Senior Expert
MOL Group
Budapest, Hungary
Would you like to be part of a Cyber Security Engineering team that is tasked with enabling centralized security log management (SIEM, Security Information and Event Management) across MOL Group entities, creates rules for event correlation, detection/alerting and report creation, and also oversees the health, performance, stabilization and ongoing planning of the SIEM infrastructure?
Main responsibilities:
- Performs awareness and representation of security principles and security threats.
- Executes best practices for SIEM. Coordinates alerting/correlation to centralized SIEM services.
- Performs on-site and remote installations, architecture designs, integration and customisation of SIEM product according to the MOL Information Security requirements
- Represents a Level 3 Subject Matter Expert role
- Assess business/support requirements and define and implement SIEM use-cases
- Mentor/Coach staff to create a world class Cyber Security team
- Lead and coordinate security event providers and data feed owners
- Create and deliver security state of condition reports to the CISO and Business in line with compliance/audit.
Requirements:
- University or college degree (Engineering)
- Ability to communicate between staff from analyst to managerial level, as well as maintain positive working relationships across the business. Focused “can-do” positive attitude to deliver excellent service
- Structured thinking and analytical skills
- Excellent written & oral communication skills; ability to balance conflicting interests
- Take responsibility for assigned tasks, take lead of unassigned tasks
- Must be a team player
- Able to deal with multiple issues and tasks under pressure
- Excellent organizational, time management and interpersonal skills.
- Metric reporting to demonstrate risk reduction
- Holder of relevant security-focused certifications (CISSP, GCIA/GCIH, Security+ etc.)
- Bulletproof understanding of SIEM (Security Information and Event Management System) technology, architecture, locating sources and rule creation (Cisco MARS, HP ArcSight, RSA Security Analytics)
- Ability to recognize security events of interest that may require improved detection/alerting capabilities.
- Familiar with emerging technologies in the security monitoring, event correlation and alert/detection space.
- Security and IT Metrics experience a plus; Report creation abilities strongly desired.
- Extensive knowledge of security products such as Active Directory Auditing, Authentication, Firewalls, Intrusion Detection and Prevention Systems, and a variety of other related security technologies.
- Experience with various security tools is a plus
- Experience with general networking concepts such as routing, switching, packet flow, network design, networking diagramming, deep and session inspection and other related concepts (Layers 1 through 7)
- Scripting Experience (e.g. Python, Perl, RegEx)
- English, Slovakian (advantage), Croatian (advantage)