Overslaan en naar de inhoud gaan

CyberSecurity Engineer - CNI

00068895721


Job Summary

Collaborate with global cybersecurity teams to monitor investigate and respond to threats across Critical National Infrastructure environments using AlertLogic SIEM Splunk and Arcsight. Analyze high volume security events enhance detection content and support incident handling for Hi Tech clients in a hybrid work model while following day shift operations and ensuring strong cyber resilience.


Responsibilities

  • Monitor security events in real time using AlertLogic SIEM Splunk and Arcsight to detect suspicious activity across Critical National Infrastructure environments and Hi Tech platforms
  • Analyze correlated alerts to identify genuine security incidents while filtering out noise so that investigation efforts focus on the riskiest threats
  • Investigate security incidents end to end by collecting logs reviewing contextual data and documenting clear timelines that support decisive response actions
  • Coordinate with incident responders and infrastructure teams to contain threats eradicate malicious activity and validate successful recovery for affected systems
  • Develop and refine detection rules and correlation searches in AlertLogic SIEM Splunk and Arcsight to improve alert fidelity and reduce false positives over time
  • Create and maintain use cases and playbooks for common attack patterns targeting Hi Tech and Critical National Infrastructure environments to promote consistent incident handling
  • Perform root cause analysis on significant incidents and propose pragmatic control enhancements that reduce the likelihood of recurrence and strengthen security posture
  • Support vulnerability and configuration review activities by interpreting scan results and log data to highlight exploitable weaknesses in monitored systems
  • Collaborate with application cloud and network teams to integrate new log sources into SIEM platforms and validate that events are normalized enriched and searchable
  • Document investigation steps findings and corrective actions in case management tools with a high level of clarity that supports audit compliance and knowledge reuse
  • Produce concise operational reports and metrics that summarize incident trends tool performance and emerging risks for consumption by technical stakeholders
  • Contribute to continuous improvement of SOC workflows by suggesting automation tuning and process refinements that enhance efficiency and analyst experience
  • Participate in tabletop exercises and scenario based simulations that validate incident response readiness for Hi Tech and Critical National Infrastructure services
  • Assist with user awareness by sharing observed threat patterns and practical security hygiene recommendations that help reduce human related vulnerabilities
  • Coordinate with global teams in a hybrid work model to ensure consistent day shift coverage and smooth handover of ongoing investigations where required
  • Support adherence to regulatory and industry standards relevant to Critical National Infrastructure by aligning monitoring practices and documentation with policy expectations
  • Engage in knowledge sharing sessions to spread expertise on AlertLogic SIEM Splunk and Arcsight so that team capabilities grow collectively over time
  • Review new projects and technology changes impacting Hi Tech environments to provide input on logging monitoring and incident response requirements from the outset
  • Participate in threat hunting activities by exploring unusual patterns in logs and developing hypotheses that uncover stealthy or previously undetected malicious activity
  • Assist in evaluating and testing new security tooling or SIEM features that can improve detection quality analyst workflow and overall cyber defense effectiveness


Qualifications

  • Demonstrate practical experience in operating and tuning AlertLogic SIEM for log ingestion correlation and alert triage across complex enterprise environments
  • Apply hands on knowledge of Splunk searches dashboards and correlation rules to investigate incidents and deliver meaningful insights from high volume security data
  • Utilize working experience with Arcsight content development event schema and use case implementation to support robust and scalable security monitoring
  • Bring foundational understanding of cybersecurity principles including network security endpoint protection identity security and incident response lifecycle
  • Show exposure to Hi Tech or technology driven business environments where rapid innovation cloud adoption and complex architectures influence threat landscapes
  • Communicate technical findings clearly in both written and verbal form to diverse stakeholders so that recommended actions are understood and implemented
  • Collaborate effectively in hybrid teams while managing time and tasks independently during day shift operations without the need for frequent supervision
  • Display willingness to learn new security tools develop advanced SIEM skills and stay current with evolving threats that affect Critical National Infrastructure and Hi Tech sectors
  • Hold a formal degree or equivalent experience in information security computer science or a related discipline that supports analytical and problem solving skills


Certifications Required

Preferred certifications include CompTIA Security Plus or equivalent SIEM focused training such as Splunk Certified Core Power User

De Cognizant Community
We zijn een team dat elkaar helpt om doelen te bereiken op het hoogste niveau. Zonder ons team zouden we niet in staat zijn om de huidige energieke, samenwerkende en inclusieve werkomgeving te behouden. Een omgeving gericht om iedereen te laten slagen. 

  • Cognizant is een globale community van 300.000+ collega’s
  • We dromen niet alleen van een betere wereld, wij helpen het te maken
  • We zorgen voor onze mensen, de klanten, het bedrijf, de community en het klimaat door te doen wat goed is
  • We zetten in op een innovatieve omgeving waar je zelf kan bouwen aan een carriere pad dat bij jou past. 

Over ons
Cognizant (NASDAQ: CTSH) is een bouwer van AI-oplossingen en een leverancier van technologiediensten. Wij slaan de brug tussen AI-investeringen en ondernemingswaarde door het bouwen van full-stack AI-oplossingen voor onze klanten. Onze diepgaande kennis van sectoren, processen en engineering stelt ons in staat om de unieke context van een organisatie te verankeren in technologische systemen. Deze systemen versterken het menselijk potentieel, realiseren tastbaar rendement en geven wereldwijde ondernemingen een voorsprong in een snel veranderende wereld. Ontdek hoe op www.cognizant.com of @cognizant.

Cognizant is een werkgever die gelijke kansen biedt. Uw sollicitatie en kandidatuur worden niet in overweging genomen op basis van ras, huidskleur, geslacht, religie, geloofsovertuiging, seksuele geaardheid, genderidentiteit, nationale afkomst, handicap, genetische informatie, zwangerschap, veteranenstatus of enig ander kenmerk dat beschermd wordt door federale, staats- of lokale wetgeving.

Disclaimer: 
De informatie omtrent compensatie is accuraat ten tijde van deze posting. Cognizant heeft het recht om deze informatie aan te passen. Met lokale wetgeving in achtneming. 

Sluit je aan bij onze Talent Community

Nog niet de juiste kans tegengekomen? Ontvang de nieuwste updates over vacatures, wervingsevenementen en bedrijfsnieuws, speciaal op maat gemaakt voor jou!

Aanmelden