Lead the design and architecture of the bank's SIEM infrastructure, ensuring its effectiveness, scalability, and alignment with industry standards and regulatory requirements
Implement, configure, and optimize SIEM solutions to collect, correlate, and analyze security event data from various sources, such as network devices, servers, applications, and endpoints
Develop and maintain SIEM use cases, correlation rules, alerts, and reports to identify and prioritize security incidents and potential threats
Collaborate with other Cybersecurity and Security Engineering teams to investigate and resolve complex security incidents, conducting root cause analysis and recommending remediation actions
Stay up to date with the latest security threats, vulnerabilities, and industry trends, and proactively assess their potential impact on the bank's SIEM infrastructure
Lead SIEM-related projects, including system upgrades, enhancements, and integration with other security tools and technologies
Provide guidance and mentorship to junior SIEM engineers, promoting knowledge sharing and skill development within the team
Collaborate with internal stakeholders, such as IT operations, compliance, and risk management, to ensure the Bank's security posture is in line with industry standards and regulatory requirements
Participate in incident response exercises, tabletop simulations, and other security-related drills to enhance the bank's incident response capabilities
Responsibilities may include infrastructure architecture and design, research and development of new or expanded systems, creation of technology standards and policies, thorough analysis of user requirements and operational constraints, unit test and system integration, and user acceptance testing
Regularly and independently interact with business partners of varying associate and management levels to ensure clarity of the problem/opportunity and elicit business requirements