Home

100% interview*::Logging & SIEM role::REMOTE at Remote, Remote, USA
Email: [email protected]
From:

Sam,

Adventa Tech Inc

[email protected]

Reply to:   [email protected]

Job Description -

Position:             Logging/SIEM role

Location:            Remote 

Duration:           6+ month

Rate:                   $100/hr

Visa:                    ANY

MOI:                    Video

I am looking for a Logging SME to help with Application Logging.  I am also looking for someone to do installation of a tool called Tenable. 

Tenable. 

Logging/SIEM role

Build a Logging and Monitoring Standard for Identified Applications
Clearly specify the types of logs to collect (e.g., security, audit, performance, error logs) based on the application's criticality.
Define logging levels (error, warning, info, debug) and map them to relevant events.
Set retention timelines for each log type, balancing operational needs and regulatory compliance.
Adoption Across Applications: Ensure all identified applications adopt this standard, leading to a uniform logging and monitoring framework.
Determine Applications Capable of Logging
Review each application's ability to generate relevant logs (e.g., Syslog, JSON, proprietary formats) to ensure they meet the logging standard.
Collaborate with application owners to confirm existing logging capabilities and identify gaps. Ensure that all necessary logs are enabled and aligned with the standard.
Configure Applications to Log in Compliance with BSC Standards
Configure logging for all applications to meet the predefined BSC standards. This includes ensuring appropriate log formats, retention policies, and security measures are applied.
Ensure the logging of critical events such as authentication, data access, configuration changes, and errors is standardized across applications. Follow best practices for ensuring event visibility and accuracy.
Configure Applications to Forward Logs for SIEM Integration
Configure applications to forward logs to the SIEM. This ensures centralized monitoring, analysis, and incident detection across the entire application ecosystem.
Identify areas to transform logs, ensuring only relevant logs are ingested. This will help reduce noise and manage SIEM ingestion costs effectively.
Perform end to end testing to confirm logs are forwarded and integrated into the SIEM properly. Address any formatting or network issues that may arise.
Develop Application Monitoring Use Cases
Assist to develop monitoring use cases specific to each applications behavior and operational context. Focus on key areas such as:
Track application performance metrics and log performance issues.
Identify security related events such as unauthorized access, privilege escalation, or suspicious behavior.
Operationalize Monitoring Use Cases
Integrate the developed use cases into the SIEM for real-time monitoring.
Set up key performance indicators such as alert accuracy (to minimize false positives) and incident response time. 
Train SOC Analysts on Application Logging and Monitoring established processes

Keywords: access management
100% interview*::Logging & SIEM role::REMOTE
[email protected]
[email protected]
View all
Fri Sep 13 18:51:00 UTC 2024

To remove this job post send "job_kill 1747411" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.


Your reply to [email protected] -
To       

Subject   
Message -

Your email id:

Captcha Image:
Captcha Code:


Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]
Time Taken: 0

Location: ,