Security Information and Event Management (Senior) Engineer

  • Full-time

Company Description

Eurofins Scientific is an international life sciences company which provides a unique range of analytical testing services to clients across multiple industries. The Group believes it is the world leader in food, environment and pharmaceutical products testing and in agroscience CRO services. It is also one of the global independent market leaders in certain testing and laboratory services for genomics, discovery pharmacology, forensics, advanced material sciences and for supporting clinical studies. In addition, Eurofins is one of the key emerging players in specialty clinical diagnostic testing in Europe and the USA.

The Group's key figures are approx. 5.4 billion Euros turnover, over 800 laboratories across 47 countries and about 50,000 staff.

Eurofins IT Infrastructure provides IT support for all Eurofins sites through an IT Service Desk and IT Operations teams.

Job Description

SUMMARY OF ROLE AND OBJECTIVES:

The Security Information and Event Management (SIEM) Senior Engineer is in charge of the configuration, deployment and management of the Eurofins SIEM solution. He/she is the responsible application owner for the Eurofins SIEM solution and collaborates with IT Infrastructure on configuration changes and tool management. The Engineer will work closely with other teams to ensure that the SIEM is performing to standard with all necessary logging sources.

ROLE & OBJECTIVES:

Specific Assignments:

The main responsibilities of the SIEM Coordinator:

  • Support the rollout of the Eurofins SIEM solution to enable real-time security monitoring;

  • Act as the subject matter expert for the Eurofins SIEM solution;

  • Work with other IT teams to continuously integrate various logging sources with the SIEM;

  • Maintain SIEM solution and document the environment;

  • Develop and upgrade dashboards, channels, filters, rule engine set-up, reports and integrate correlations to the information security incident process;

  • Monitor and recommend improvements based on events or incidents of apparent security breaches detected by SIEM in areas including networks, applications, databases, systems, and endpoints.

  • Analyse, troubleshoot, and remediate issues with the SIEM solution.

  • Create reports on the status of the SIEM, including metrics such as the number of logging sources, log collection rate, etc.;

  • Incorporate change and patch management into the SIEM system.

  • Provide support to manage SIEM components, IDS/IPS, SOAR, Web Proxy, DNS layer security, parsing/normalization of logs, rule engine, log storage, source device, log collection and event monitoring.

ADDITIONAL DETAILS ON ROLES & OBJECTIVES:

  • Strong analytical and problem-solving capabilities;

  • Prepare SIEM correlation schemes;

  • Collaboration: the ability to work effectively with and through others;

  • Flexibility to adjust to various demands, changing priorities and ambiguity.

Qualifications

QUALIFICATIONS AND EXPERIENCE:

Minimum of 3-5 years of professional consulting or enterprise experience as:

  • SIEM Engineer;

  • Cyber-security Analyst;

  • Network Security Specialist;

  • IDS/IPS;

  • SOAR;

  • Web Proxy;

  • DNS layer security.

Required:

  • Experience with end-to-end deployment of a SIEM solution to a greenfield environment;

  • Experience with cyber intelligence / SIEM platforms (preferably QRadar but also alternatively Darktrace, ArcSight, Splunk or similar);

  • Good experience in debugging security operation center systems, application, and network problems;

  • Ability to document processes and procedures.

  • Solid working knowledge of networking technology and firewalls, proxies, the OSI Model, protocols and standards;

  • Scripting language knowledge (Python, Bash, PowerShell);

  • Experience in performing infrastructure support at an enterprise level;

  • Ability to demonstrate strong knowledge of computer security concepts;

  • Experience with information security devices (e.g. firewalls, intrusion detection/prevention systems);

  • Project coordination or structural follow up/action tracking experience.

Education required:

  • B.Sc. or M.Sc. in Information Technology or Information Security;

  • Languages: fluent English; French or German is beneficial;

  • Information security certifications such as CISM, CRISC, CISSP, CCSP;

Additional Information

Ability and/or Skills:

  • Developed problem-solving skills;

  • Ability to work independently with limited supervision and no more than general directions; knows when to consult with supervisor on major issues/problems;

  • Demonstrated knowledge and skills in designated areas;

  • Ability to handle multiple priorities and to function in an environment of constant change;

  • Strong organization skills and attention to detail;

  • Willingness to work overtime;

  • Excellent interpersonal and communication skills;

  • Ability to work under medium to high stress levels.