General Information
Req #WD00072366
Career area: Information Technology
Country/Region: Brazil
State: São Paulo
City: Sao Paulo
Date: Thursday, October 17, 2024
Working time: Full-time
Additional Locations:
- Brazil - São Paulo - São Paulo
- Brazil - São Paulo - Sao Paulo
Why Work at Lenovo
We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services.
Lenovo’s continued investment in world-changing innovation is building a more equitable, inclusive, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY). To find out more visit www.lenovo.com, and read about the latest news via our Story Hub.
Description and Requirements
Primary Responsibilities
- Provide engineering, operation and enhancement of the SIEM, SOC platform tools, and data collection and analysis systems.
- Develop, deploy, and tune tool content and reporting.
- Assist in the design, architecture and implementation of use cases, detection rules, integrations and workflow automation.
- Analyze the existing use case catalogue, the correlation rules implemented, and the automation workflows.
- Cooperate with other team members in developing and testing correlation searches.
- Prepare and conduct correlation search tests, and document evidence from each test showing that the correlation search addresses the scenario described in its use case.
- Cooperate with the log source onboarding project to ensure correct log source onboarding and mapping of logs to data models according to SOC tool best practices.
- Responsible for the creation of procedures, runbooks and high-level/low-level documentation, the implementation of processes, and the development of staff in relation to SOC tool detection logic.
- Provide expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems and SOC tools.
Requirements
- 3+ years of hands-on SIEM experience.
- Direct experience with SOC tool engineering and data integration.
- Scripting and development skills in Python/Perl with a deep comprehension of regular expressions.
- General networking and security knowledge.
- Experience building intricate searches across disparate data sources and joining them together.
- Versed in building threat detections (correlation rules) from security logs to detect malicious activity with high fidelity.
- Knowledge of security logging for Linux, Windows, major EDRs, firewalls, and Active Directory.
- The ability to aggregate and analyze logs from various deployed security devices.
- Familiarity with DevOps and cloud service providers (AWS / Azure).