Company Description
Experian is a global leader in consumer and business credit reporting and marketing services and a constituent of the United Kingdom's FTSE 100 index, with total revenue for the year ended March 31, 2020, of US$5.2 billion.
We support clients in more than 100 countries and employ approximately 17,800 people in 45 countries.
Job Description
**What you will be doing**:
**Major Responsibilities include**:
- Understand data feeds of various security tools and logs that feed the SIEM & UEBA technologies. Ability to identify capabilities and quality of these feeds and recommend improvements.
- Ability to craft new content use cases based on: threat intelligence, analyst feedback, available log data, previous incidents.
- Perform day-to-day activities of the content life cycle, including creating new use cases; testing, tuning, and removing content; and maintaining associated documentation.
- Work with the other security functions and product SMEs to identify gaps within the existing analytical capability.
- Development of parsers/field extractions to facilitate reliable content development
- Development of custom scripts as required to augment default SIEM functionality
- Participate in root cause analysis on security incidents and provide recommendations for containment and remediation
- Act as the liaison to business units to fulfill audit, regulatory compliance and/or corporate security policy requirements.
- Create, implement and maintain novel analytic methods and techniques for incident detection
- Ensure documentation for content is available on team wiki, specifically including content roadmap and documentation on current content
Qualifications
**What your background looks like**:
- 5+ years of information security experience, preferably engineering or development.
- 3+ years' experience supporting a SIEM platform in a content development or administrative role
- 2+ years' experience performing SOC analysis and/or incident response
- UNIX experience is non-negotiable.
- Bachelor's Degree or higher degree in Computer Science, Information Security or similar discipline is preferred
- Experience with a wide range of security products
- Industry Security Certifications (CISSP, SANS) preferred
- Scripting (Python is preferred, but most any programming knowledge will be sufficient if engineer is willing to learn Python)
- Prior experience in SIEM content development (LogRhythm, Splunk, QRadar, McAfee ESM, or similar SIEM platform); Splunk preferred.
- Understanding of various log formats and source data for SIEM Analysis
- Solid background with Windows and Linux platforms (security or system administration)
- Ability to effectively communicate with anyone, from end users to senior leadership, facilitating technical and non-technical conversations.
- Strong incident handling/incident response/security analytics skills
- Deep understanding of technical concepts including networking and various cyber attacks
- Solid comprehension of various security controls, capabilities and use in a corporate environment
- Exceptional problem solving capabilities
- Strong documentation and communication skills
- Demonstrated history of innovation and/or creativity
- Ability to drive process improvements and identify gaps
- Ability to excel in a team, as an individual, in a fast-paced, deadline-driven organization
- Knowledge of programming/scripting fundamentals
- Passion for excellence and attention to detail
Additional Information
Our benefits include: Medical, life and dental insurance, Asociación Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.