Security Information & Event Management (SIEM) Administrator - Splunk, Tenable Security Center, & Op
Montreal, Quebec, QC H2R 2Y8
HR PATH GROUP
The HR Path Group, a global player in HR consulting, assists its customers in their HR transformation projects, on both the human side and the tooling (HRIS) side. We operate in Europe, the Americas and Asia-Pacific for our large-account and SME customers, offering them global support in the development of their HR strategy.
Advise to Run! HR Path, Global Leader in HR solutions
- ADVISE: We support our customers in the transformation of their HR function, through a redefinition of their HR organization and their HRIS digitalization
- IMPLEMENT: As a partner of the main software vendors on the market, we carry out technical and functional implementation projects for all HRIS solutions (SaaS or on-premise)
- RUN: Thanks to our global payroll expertise, we offer our clients several levels of payroll outsourcing
YOUR MISSIONS
HR Path is seeking a skilled and motivated SIEM Administrator with knowledge of Splunk, Tenable Security Center, and OpenCTI to join our security operations team. The role reports to the Head of Security Operations (the CISO's manager is the HR Path CEO).
This role is key to maintaining, optimizing, and enhancing HR Path's security tools so that the organization can proactively detect and mitigate security threats while meeting its security and compliance requirements.
As a SIEM Administrator, you will be responsible for managing and maintaining the Splunk platform, the Tenable Security Center for vulnerability management, and the OpenCTI platform for threat intelligence. You will work closely with security incident analysts, the compliance and audit team, and other security personnel to ensure that these tools are adapted to current and future needs.
- Splunk
  o Administer, configure, and maintain the Splunk platform, including forwarders, indexers, and search heads
  o Develop, deploy, and optimize Splunk dashboards, searches, and alerts to enhance visibility of security events and threats
  o Troubleshoot and resolve issues related to data ingestion, indexing, and query performance
  o Create and maintain Splunk apps and custom Splunk configurations as required by security operations and compliance
  o Implement and maintain Splunk security best practices for data retention, storage, and compliance
  o Work closely with security team members to ensure Splunk integrates seamlessly with other security and IT systems
  o Dig deeper into logs to investigate use cases associated with fraud
- Tenable Security Center
  o Administer and configure Tenable Security Center for vulnerability scanning, management, and reporting
  o Administer the Tenable.IO scope to ensure collection from remote vulnerability scanning, management, and reporting
  o Configure, schedule, and control vulnerability scans of systems, networks, and assets
  o Integrate Tenable Security Center with other security platforms such as SIEMs, ticketing systems, and remediation tools
  o Maintain and update Tenable plugins, scanners, and configuration settings
  o You will not be in charge of remediation follow-up (managed by the SOC/VOC team)
- OpenCTI
  o Manage and administer the OpenCTI platform (deployed on Kubernetes) for centralized threat intelligence management and integration
  o Develop workflows for the collection, analysis, and sharing of threat intelligence
  o Integrate OpenCTI with other security platforms (Splunk, firewalls, WAF, Tenable, etc.)
  o Configure and maintain data pipelines for automatic ingestion of threat intelligence feeds
  o You will not be in charge of threat intelligence qualification and investigation (managed by the SOC/VOC team)
YOUR PROFILE
- 3+ years of experience in Splunk administration, including work with Splunk Enterprise or Splunk Cloud
  o Advanced knowledge of the Splunk Search Processing Language (SPL) and dashboard creation
  o Splunk Enterprise Certified Admin certification or equivalent knowledge
- Ideally, experience in Tenable Security Center administration and vulnerability management
  o Experience with Tenable vulnerability management, including configuring scans, interpreting findings, and reporting
- Ideally, experience in managing OpenCTI and threat intelligence platforms
  o Understanding of OpenCTI platform workflows, intelligence sharing, and integrations with other security tools
  o Familiarity with threat intelligence concepts such as IOCs, TTPs, and the MITRE ATT&CK framework
- Experience with Linux/Unix (especially Red Hat) and Windows administration, including automation and scripting
WHAT WE OFFER
- This role provides a unique opportunity to work with top-tier security technologies
- A stimulating work environment at the heart of an entrepreneurial and international culture
- A transversal approach to our activities, which encourages teamwork and excellence
- Numerous opportunities for advancement (horizontal, vertical and international mobility)
- Annual salary increases on the anniversary date to reward performance
- Multiple training opportunities (internal university, certifications)
- Certified Happy at Work, we offer a good work-life balance with telecommuting possibilities
- A friendly work environment (quarterly team activities, annual international seminar)
See you soon at HR Path!