Senior Siem Engineer, Cyber Defense - News Corp Job in News Corp

Job Description : Cyber Defense, Senior SIEM Engineer - Logging and Monitoring Team: News Corp - Cyber Defense Location: India Responsibilities Assist in the operation of a global SaaS SIEM platform across all of News Corp s Business Units around the world. Manage the alert lifecycle collaborating with the SOC and Detection & Response team in defining, tuning, documenting, and refining alerts. Onboard new log sources and maintain the health of existing ones (ensuring all logging paths are working as expected). Create and maintain SIEM configurations for enrichment, field extractions and CIM normalization. Build and maintain operational documentation to support the SIEM platform. Serve as an escalation point for security events, investigations, and incidents as needed. Integrate with automation platforms to help automate response, alerting and ticket creation. Create Dashboards to aid in monitoring the environment. Developing and delivering reports to the Cyber and other engineering teams. Skills & Knowledge Hands-on experience with SIEM platforms, such as Splunk, LogRhythm, or ArcSight. Knowledge of regular expressions. Skilled in analyzing logs to develop new alerts, separating noise from events requiring further exploration. Ability to read system data, including but not limited to, security and network event logs, sys logs and firewall logs. Previous experience in a technical or security role. Experience with Firewalls, Intrusion Detection/Prevention Systems, Proxies, Web Applications, and/or Penetration Testing would be a plus. Knowledgeable about security issues, vulnerabilities, regulatory changes, legal changes and security standards that may impact information security. Experience troubleshooting common network devices and network attack patterns. Solid working knowledge and understanding of multiple operating systems and commands, as well as an understanding of IT security and network best practices and software/hardware solutions. You ll be able to effectively multi-task, prioritize work, and handle competing interests. Strong communication skills both written and oral with the ability to articulate technical information to a non-technical audience. Experience engaging with global and offshore teams. Experience scripting, specifically in Python, and working with Git. Knowledge of the cloud and cloud logging capabilities (AWS experience a plus). Required Experience & Qualifications Multiple years technical and/or cyber security experience. Expertise using SIEM platforms (Splunk experience a plus). Experience in reviewing and assessing logs for anomalous activity indicating the presence of a threat. Experience transforming data, inclusive of regular expression (regex). Proven ability to converse complex/technical information effectively to technical and non-technical audiences. Knowledge of multiple computing platforms, including Network, Windows, OSX, Linux, Unix, networks and endpoints. Experience with Firewalls, Intrusion Detection/Prevention Systems, Proxies, Web Applications, and/or Penetration Testing would be a plus. Knowledge of the cloud and cloud logging capabilities (AWS experience a plus).