Saudi Aramco Careers

SIEM Administration and Security Content Development Specialist

Saudi Arabia
information technology

Job Description

Requisition ID: 1182386

Req Number: 16292BR

Position Description:
We are seeking a SIEM Administration and Security Content Development Specialist to join the Security Intelligence Center Division of the Information Protection Department.

The Security Intelligence Center Division is responsible for providing 24/7 cyber security monitoring, managing cyber security incidents, managing the Security Information and Event Management (SIEM) system and the Log Management Solution, and cyber security content management and development.

The SIEM Administration and Security Content Development Specialist's primary role is to deploy, configure, support, and manage security systems solutions, including systems integration, content development, log analysis and troubleshooting.

Minimum Requirements:
As the successful candidate you will hold a Bachelor’s degree in Computer Science from a recognized and approved program. An advanced degree is preferred.

You will have ten years' experience in cyber security, including at least 6 years in SIEM administration, parser development, cybersecurity content development, and log analysis.

You must have achieved one of the following certificates:

ArcSight Certified Integrator/Administrator (ACIA)
ArcSight Certified Security Analyst (ACSA)
Certified Ethical Hacker (CEH)
EC-Council Certified Security Analyst

You must have experience with RHEL.

Must be able to manage multiple projects.

Must be able to analyze, troubleshoot, and remediate issues with SIEM.

Must be familiar with common protocols such as DHCP, LDAP, SNMP, SMTP, HTTP, and SSL.

Must be able to demonstrate a strong understanding of security concepts, best practices, and tools.

Understanding log formats and source data for SIEM is a requirement.

You must have the ability to develop and enhance SIEM rules, queries, filters, dashboards, reports, channels, and custom lists.

You must have solid experience in developing custom parsers.

You must have solid experience in integrating ArcSight with other systems.

You must have solid information security and threat intelligence knowledge.

Duties & Responsibilities:
You will be required to perform the following:

Provide support to configure, analyze, support, and remediate issues on the SIEM.

Develop and assess custom parsers and flex connectors.

Develop and enhance SIEM rules, threat cases, queries, dashboards, channels, and custom lists.

Perform advanced analysis on systems to assess their performance and health status, and come up with the required remediation recommendations and implementation.

About us:
Saudi Aramco’s domestic operations span the Kingdom of Saudi Arabia and include the exploration for and production of oil and natural gas, refining, petrochemicals and distribution – none of which would be possible without the support of the Operations Services business line. Operations Services encompasses such vital support activities as aviation, marine, transportation, power distribution, materials supply and information technology. Saudi Aramco operates one of the world’s largest corporate aviation fleets, composed of fixed and rotary-wing aircraft whose flight and maintenance crews are among the best in the business. The company’s marine operations include oil spill fighting vessels, harbor pilot craft, tugboats for terminal operations and a variety of service ships. The areas of transportation, power distribution and materials supply are critical components of Saudi Aramco’s large array of complex petroleum and petrochemical facilities that provide a reliable supply of energy to people in the Kingdom and around the globe. The company’s IT infrastructure, including its communications networks, provides the methods and the means for the people of Saudi Aramco, no matter where they are, to stay connected and sustain the Company’s legacy of success.