Saltar al contenido principal

CyberSecurity Engineer - CNI

00068895721


Job Summary

Collaborate with global cybersecurity teams to monitor investigate and respond to threats across Critical National Infrastructure environments using AlertLogic SIEM Splunk and Arcsight. Analyze high volume security events enhance detection content and support incident handling for Hi Tech clients in a hybrid work model while following day shift operations and ensuring strong cyber resilience.


Responsibilities

  • Monitor security events in real time using AlertLogic SIEM Splunk and Arcsight to detect suspicious activity across Critical National Infrastructure environments and Hi Tech platforms
  • Analyze correlated alerts to identify genuine security incidents while filtering out noise so that investigation efforts focus on the riskiest threats
  • Investigate security incidents end to end by collecting logs reviewing contextual data and documenting clear timelines that support decisive response actions
  • Coordinate with incident responders and infrastructure teams to contain threats eradicate malicious activity and validate successful recovery for affected systems
  • Develop and refine detection rules and correlation searches in AlertLogic SIEM Splunk and Arcsight to improve alert fidelity and reduce false positives over time
  • Create and maintain use cases and playbooks for common attack patterns targeting Hi Tech and Critical National Infrastructure environments to promote consistent incident handling
  • Perform root cause analysis on significant incidents and propose pragmatic control enhancements that reduce the likelihood of recurrence and strengthen security posture
  • Support vulnerability and configuration review activities by interpreting scan results and log data to highlight exploitable weaknesses in monitored systems
  • Collaborate with application cloud and network teams to integrate new log sources into SIEM platforms and validate that events are normalized enriched and searchable
  • Document investigation steps findings and corrective actions in case management tools with a high level of clarity that supports audit compliance and knowledge reuse
  • Produce concise operational reports and metrics that summarize incident trends tool performance and emerging risks for consumption by technical stakeholders
  • Contribute to continuous improvement of SOC workflows by suggesting automation tuning and process refinements that enhance efficiency and analyst experience
  • Participate in tabletop exercises and scenario based simulations that validate incident response readiness for Hi Tech and Critical National Infrastructure services
  • Assist with user awareness by sharing observed threat patterns and practical security hygiene recommendations that help reduce human related vulnerabilities
  • Coordinate with global teams in a hybrid work model to ensure consistent day shift coverage and smooth handover of ongoing investigations where required
  • Support adherence to regulatory and industry standards relevant to Critical National Infrastructure by aligning monitoring practices and documentation with policy expectations
  • Engage in knowledge sharing sessions to spread expertise on AlertLogic SIEM Splunk and Arcsight so that team capabilities grow collectively over time
  • Review new projects and technology changes impacting Hi Tech environments to provide input on logging monitoring and incident response requirements from the outset
  • Participate in threat hunting activities by exploring unusual patterns in logs and developing hypotheses that uncover stealthy or previously undetected malicious activity
  • Assist in evaluating and testing new security tooling or SIEM features that can improve detection quality analyst workflow and overall cyber defense effectiveness


Qualifications

  • Demonstrate practical experience in operating and tuning AlertLogic SIEM for log ingestion correlation and alert triage across complex enterprise environments
  • Apply hands on knowledge of Splunk searches dashboards and correlation rules to investigate incidents and deliver meaningful insights from high volume security data
  • Utilize working experience with Arcsight content development event schema and use case implementation to support robust and scalable security monitoring
  • Bring foundational understanding of cybersecurity principles including network security endpoint protection identity security and incident response lifecycle
  • Show exposure to Hi Tech or technology driven business environments where rapid innovation cloud adoption and complex architectures influence threat landscapes
  • Communicate technical findings clearly in both written and verbal form to diverse stakeholders so that recommended actions are understood and implemented
  • Collaborate effectively in hybrid teams while managing time and tasks independently during day shift operations without the need for frequent supervision
  • Display willingness to learn new security tools develop advanced SIEM skills and stay current with evolving threats that affect Critical National Infrastructure and Hi Tech sectors
  • Hold a formal degree or equivalent experience in information security computer science or a related discipline that supports analytical and problem solving skills


Certifications Required

Preferred certifications include CompTIA Security Plus or equivalent SIEM focused training such as Splunk Certified Core Power User

La Comunidad Cognizant:
Somos un equipo que se aprecia y apoya mutuamente. Nuestros asociados trabajan en un entorno colaborativo e integrador en el que todos pueden prosperar.

  • Cognizant es una comunidad global con más de 300.000+ asociados en todo el mundo.
  • No solo soñamos con un mundo mejor, sino que trabajamos para hacerlo realidad.
  • Cuidamos de nuestros asociados, clientes, socios, comunidades y entorno haciendo lo correcto.
  • Fomentamos un entorno innovador en el que puedes desarrollar tu carrera profesional.

Acerca de nosotros
Cognizant (NASDAQ: CTSH) es arquitecto de soluciones de IA y proveedor de servicios tecnológicos que traduce la inversión en inteligencia artificial en valor empresarial real mediante soluciones de IA de stack completo adaptadas a cada cliente. Su profundo conocimiento de la industria, los procesos y la ingeniería le permite integrar el contexto único de cada organización en sistemas tecnológicos que amplifican el potencial humano, generan un impacto real en el negocio y mantienen a las grandes empresas globales un paso adelante en un mundo en constante cambio. Para más información, visita www.cognizant.es o síguenos en @cognizant.

Cognizant es un empleador que ofrece igualdad de oportunidades. Tu solicitud y candidatura no serán consideradas en base a raza, color, sexo, religión, credo, orientación sexual, identidad de género, origen nacional, discapacidad, información genética, embarazo, condición de veterano o cualquier otra característica protegida por las leyes federales, estatales o locales.

Advertencia: 
La información sobre remuneración es exacta a la fecha de esta publicación. Cognizant se reserva el derecho a modificar esta información en cualquier momento, sujeto a la legislación aplicable.Es posible que los candidatos deban asistir a entrevistas en persona o por videoconferencia e, incluso, que tengan presentar su documento de identidad vigente, durante cada entrevista.

Únete a nuestra comunidad de talentos

¿Buscas una nueva oportunidad laboral? Recibe las útimas ofertas de empleo y noticias de la empresa.

Inscribirse