Devsecops - SIEM

ClubSec

Paris

Le besoin

Contexte

The AXA Global Cyber Defense team has launched the execution of a global Cyber Defense Program – the “Security Operations Center (SOC) Next Generation” - that aims at improving the way AXA anticipates, detects and reacts to Cyber Attacks. This program is followed directly by AXA Global Top Management (Board & MC) and cover all of the AXA entities globally (50+ countries)

The Security Operations Center (SOC) Next Generation Program is looking for a Senior SIEM consultant Service. The consultant will integration the project team in charge of the “Core SOC” program stream led by a program manager.

Missions

The mission for the Senior SIEM consultant service are to ensure the delivery of the activities as defined by the stream program manager. This will include:

- Get log sources sitting in datacenters onboarded into the SIEM.
- Get cloud log sources onboarded into the SIEM in relationship with the cloud teams and the service provider managing the new SIEM platform
- Get the infrastructure to connect to the new platform installed and validated
- Configure the redirection of the logs to the new platform
- Perform quality assurance on activities (execute/control acceptance tests, review/update documentation)
The Service will be in charge/participate to the following mission:
- Coordinate country Project Managers for log sources onboarding (scoping, planning, executing). Drive project meetings; follow up on tasks completion/actions/risk. Define action plans when necessary (escalation, issues, risks)
- Participate to the log source onboarding by validating the collection of the logs (on current SIEM, or in collaboration with the service provider of the new SIEM). Validate parsing. Participate to troubleshooting.
- Write the acceptance test documents for log source onboarding and new SIEM components deployment
- Define the new onboarding process
- Coordinate with various IT teams in order to select what data to onboard for a given technical architect (both inhouse and cloud)
- Review log policies for on premise technologies and for cloud technologies
- Review the tagging policy
- Define log connector configurations to redirect the logs to the new platform.
- Collaborate in close relation with the Use Case Factory team to help defining the Use Cases
- Build process to ensure the list of various types of log sources is maintained up to date (taking into account decommissioning / new assets)

Informations complémentaires

Deliverables
Minutes of meeting with regional IT teams Include: - Status, - Action/decision/risk registers
List of assets to be onboarded
Log source tagging rules
Log source onboarding acceptance test plan
List of tests that confirm the logs are properly onboarded
Acceptance test for connector configuration
Configuration of connectors for dual feeding & log redirection to Log Analytics
Description of the components to install, and the value of each variable to be configured
Development of scripts if necessary

Profil recherché

Expertise
SIEM/SOC expertise
SIEM infrastructure configuration and deployment
Linux & Windows expertise (incl. AD basics, WEC)
Architect expertise
Troubleshooting basis incl. network basic troubleshooting

Winsearch

Paris

Description du poste Missions principales : •250 à 300 paies mensuelles sur Silae •Rédaction des contrats et documents RH •Déclarations sociales •Conseil et accompagnement RH des clients …

Voir les Détails

Publié le 2025-08-05