View Jobs Description

General Information

WD00072366

Additional Locations:

• Brazil - São Paulo - São Paulo
• Brazil - São Paulo - Sao Paulo

Why Work at Lenovo

We are Lenovo. We do what we say. We own what we do. We WOW our customers.

Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services.

Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY).

This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com, and read about the latest news via our Story Hub.

Description and Requirements

• Provide engineering, operation and enhancement of the SIEM, SOC platform tools and data collection and analysis systems.
• Develop, deploy, and tune tools content and reporting.
• Assist in the design, architecture and implementation of use cases, detection rules, integration and workflows automation
• Analyze existing use case catalogue and correlation rules implemented as well as automation workflows.
• Cooperate with the other team members in correlation searches development and testing.
• Prepare correlation search test, conduct test and document evidence from test that shows correlation search addresses scenario described in use case.
• Cooperate with log source onboarding project to assure correct log source onboarding and log mapping to data models according to SOC tools best practices.
• Responsible for the creation of procedures, runbooks, high-level/low-level documentation, implementation of processes and development of staff in relation to SOC tools detection logic.
• Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems and SOC tools.

• 3+ years of hands-on SIEM experience.
• Direct experience with SOC tools engineering and data integration.
• Scripting and development skills in Python/Perl with deep comprehension of regular expressions.
• General networking and security knowledge.
• Experience with building intricate searches from disparate data sources and joining them together
• Versed in building threat detections (correlation rules) using security logs to detect malicious activity with high fidelity
• Knowledge of security logging for Linux, Windows, major EDRs, Firewalls, & Active Directory
• The ability to aggregate and analyze logs from various deployed security devices.
• Familiarity with Dev Ops and cloud computer service providers (AWS / Azure)

Additional Locations:

• Brazil - São Paulo - São Paulo
• Brazil - São Paulo - Sao Paulo
• Brazil
• Brazil - São Paulo
• Brazil - São Paulo - São Paulo , * Brazil - São Paulo - Sao Paulo