Security Log Collection Bnp Paribas - Madrid, España - BNP Paribas

BNP Paribas

Empresa verificada

Madrid, España

hace 2 semanas

Publicado por:

Isabel García

beBee Recruiter

Descripción

Service Overview

The service of Production Security provides all necessary resources to ensure the correct and efficient deployment, administration and support of operational security solutions and tools on network, server and endpoint infrastructures for business areas operated by ITG.

Logs Management Team provides a central service to collect the security' logs of all assets provide by the ITG infrastructure of service.

The team has a lot of requirements to cover for risk of internal business or from regulators.

The job is mainly about the log management coverage, with different parts like monitoring of coverage with Kibana (Elastic) and develop metrics.

And an active participation to audits with delivery of evidence and technical documentations to respond to all requirements.

Missions & TAsks

Monitoring of collection coverage: the coverage metrics are defined and validated to meet the security requirements and are presented at the various Committees (KPIs).
Implementation and maintenance of dashboard/report to track coverage metrics (Splunk and Elastic).
Daily metrics monitoring (Splunk and Elastic).
Acceptance during a new security log collection project.
Participation in security log collection projects
Monitoring of incidents related to the collection of logs.
Implementation and followup of action plans in the event of a collection problem.
Coordination between the various actors on the maintenance in operational condition.
Provide logs in case of production or security incident to enable their resolution.
Audit: provide evidence and technical documentation to meet audit requirements which are under the log management scope.
Regular updates of technical documents (collection procedure, access management, etc.) in order to provide them in the event of an audit.
Provide evidence of collection of security events (zoom on the log files collected/eventID and their correspondence ex: logon/ logout, etc)

Skills:

TECHNICAL ESSENTIALS:

SIEM tool:
Splunk : Client side (SPL, reporting, alerting,) and Administration side (infrastructure, agent, access management,)
ELK :

Client side (Kibana,) and Administration side (infrastructure, agent, monitoring LogStash,)

Transversal qualification:
Linux and Windows servers (EventID, rsyslog, unix file permission,)
Syslog :

protocol / deamons (client / server)

DevOPS :

GIT, Ansible, Jenkins- Network principles (IP, Protocols, Network segmentation)- Global IT culture (Application security, Environments, Workstations)
SOFT SKILLS / BACKGROUND:

Fluent English written and spoken. Strong written, oral, and interpersonal communications skills.
French is a plus
Bachelor in Computer Science or equivalent.
Minimum 2 to 4 years experience in cybersecurity and production environments.
Client Focus
Capable of communicating
Ability to coordinate with offshore teams; interface with customers, CISO teams, security architects and administration teams for issue resolution.
Project lifecycle experience, capability to follow up action plans.

CAPABILITIES:

Available for On Site Services: 09:00 to 18:00 regular/variable schedule range.

PRIMARY LOCATION

ES-MD-Madrid

JOB TYPE

Standard / Permanent

JOB

INFORMATION TECHNOLOGY

EXPERIENCE LEVEL

At least 3 years

SCHEDULE

Full-time

REFERENCE

BNP-000767

APPLY
***- (

REF:

BNP