SIEM Specialist

About the Company

Good Recruiter, an ethical recruitment agency, is on the lookout for a talented SIEM Specialist (H/F) to join one of the top insurance companies breaking new ground in technological innovation. Their mission? Transforming business processes through cloud computing, artificial intelligence, and big data.

Job Description

We are seeking an experienced SIEM Specialist to join our SIEM & Security Detection unit. As a vital member of the team, you will manage and develop SIEM platforms across various time zones for more than 20 legal entities within the Insurance Group.

Your responsibilities will include everything from infrastructure management to integrating new log sources and implementing detection strategies.

You'll work closely with the Security Operation Center, Cyber Security Incident Response team, and key IT departments to ensure seamless prevention, detection, and response to security events.

Main Responsibilities:

• Perform daily checks to ensure SIEM platforms operate smoothly.
  
• Identify and mitigate log source outages by notifying platform owners.
  
• Integrate additional log sources into GOSP SIEM platforms.
  
• Administer SIEM platforms for both on-prem and cloud instances.
  
• Provide regular reporting and key performance indicators (KPIs).
  
• Define and implement new security detection use cases in collaboration with the CSIRT team.
  
• Work with the SOC to fine-tune existing detection use cases.
  
• Participate in projects aimed at extending and evolving the SIEM scope towards cloud-based solutions.
  
• Optimize the use of SIEM resources on both on-prem and cloud platforms.
  
• Contribute to the definition and implementation of SIEM strategy according to Group security requirements.
  
• Collaborate with other Cyber Security and IT colleagues within GOSP and from the customer side.
  

• Degree in Computer Science, IT Security, or equivalent work experience in Information Security.
  
• Minimum 2-5 years of experience in SIEM administration.
  
• Excellent knowledge of Splunk and Splunk ES solutions.
  
• Good knowledge of IBM Qradar solution.
  
• Solid understanding of network principles.
  
• Intermediate English (at least CEFR B1, written/spoken).
  
• Availability to travel occasionally within Europe.
  
• Splunk certifications are a plus (e.g., Splunk Core Certified Advanced Power User, Splunk Cloud Certified Admin).
  
• Good understanding of IT infrastructure (network, systems).
  
• Proficiency in one or more scripting languages (e.g., PowerShell).
  
• Ability to define security use cases and correlation rules for new cyber threat detection.
  
• Strong communication and interpersonal skills in an international environment.
  
• Detail-oriented with flexibility to handle changing requirements.
  
• Knowledge of security concepts such as cyber-attacks and threat vectors.
  
• Proficiency with Microsoft Office suite (Word, PowerPoint, Excel).
  

Why Join Our Client? Become part of a company celebrated for its expertise and commitment to security and operational continuity in the international insurance industry.

Salary and Benefits:

• Attractive salary: 56k€ - 78k€
  
• Participation and profit-sharing on annual fixed salary
  
• Hybrid work model (3 days of telecommuting)
  
• Enriching career path
  
• Access to a works council (CE)
  
• Excellent health insurance
  

Recruitment Process:

1. Telephone interview with Good Recruiter for an initial contact and evaluation of your background.
   
2. Interview to assess your technical skills, cultural fit, and professional aspirations.
   

Join us and make a difference