Security Information & Event Management (SIEM) Administrator - Splunk, Tenable Security Center, & Op Job at HR Path, Montréal, QC

  • HR Path
  • Montréal, QC

Job Description

The HR Path Group, a global player in HR consulting, assists its customers in their HR transformation projects, on both the human and the tools (HRIS) aspects. We operate in Europe, America and Asia-Pacific, for our large accounts and SME customers, in order to offer them global support in the development of their HR strategy.

Advise to Run! HR Path, Global Leader in HR solutions

  • ADVISE: We support our customers in the transformation of their HR function, through a redefinition of their HR organization and their HRIS digitalization
  • IMPLEMENT: As a partner of the main software vendors on the market, we carry out technical and functional implementation projects for all HRIS solutions (SaaS or On-Premise)
  • RUN: Thanks to our global payroll expertise, we offer our clients several levels of payroll outsourcing

YOUR MISSIONS

HR Path is seeking a skilled and motivated SIEM Administrator with knowledge of Splunk, Tenable Security Center, and OpenCTI to join our security operations team. The role sits under the Head of Security Operation (the CISO's manager is the HR Path CEO).

This role is important to maintain, optimize, and enhance HR Path security tools to ensure our organization's security and compliance, and to proactively detect and mitigate security threats.

As a SIEM Administrator, you will be responsible for managing and maintaining the Splunk platform, the Tenable Security Center for vulnerability management, and the OpenCTI platform for threat intelligence. You will work closely with incident security analysts, the compliance and audit team, and other security personnel to ensure that tools are adapted to current and future needs.

  • Splunk

o Administer, configure, and maintain the Splunk platform, including forwarders, indexers, and search heads

o Develop, deploy, and optimize Splunk dashboards, searches, and alerts to enhance visibility of security events and threats

o Troubleshoot and resolve issues related to data ingestion, indexing, and query performance

o Create and maintain Splunk apps and custom Splunk configurations as required by security operations and compliance

o Implement and maintain Splunk security best practices for data retention, storage, and compliance

o Work closely with security team members to ensure Splunk integrates seamlessly with other security and IT systems

o Dig deeper into logs to investigate use cases associated with fraud

  • Tenable Security Center

o Administer and configure Tenable Security Center for vulnerability scanning, management, and reporting

o Administer the Tenable.IO scope to ensure collection from remote vulnerability scanning, management, and reporting

o Configure, schedule, and control vulnerability scans of systems, networks, and assets

o Integrate Tenable Security Center with other security platforms such as SIEMs, ticketing systems, and remediation tools

o Maintain and update Tenable plugins, scanners, and configuration settings

o You will not be in charge of remediation follow-up (managed by the SOC/VOC team)

  • OpenCTI

o Manage and administer the OpenCTI platform for centralized threat intelligence management and integration (based on Kubernetes)

o Develop workflows for the collection, analysis, and sharing of threat intelligence

o Integrate OpenCTI with other security platforms (Splunk, Firewalls, WAF, Tenable, etc.)

o Configure and maintain data pipelines for automatic ingestion of threat intelligence feeds

o You will not be in charge of threat intelligence qualification and investigation (managed by the SOC/VOC team)

The position is located in either Montreal or Toronto.

YOUR PROFILE

  • 3+ years of experience with Splunk administration, including working with Splunk Enterprise or Splunk Cloud

o Advanced knowledge of Splunk search language (SPL) and dashboard creation

o Splunk Enterprise Certified Admin or associated knowledge

  • Ideally, experience in Tenable Security Center administration and vulnerability management

o Experience with Tenable vulnerability management, including configuring scans, interpreting findings, and reporting

  • Ideally, experience in managing OpenCTI and threat intelligence platforms

o Understanding of OpenCTI platform workflows, intelligence sharing, and integrations with other security tools

o Familiarity with threat intelligence concepts such as IOCs, TTPs, and the MITRE ATT&CK framework

  • Experience with Linux/Unix and Windows administration, including automation and scripting (especially Red Hat)

WHAT WE OFFER

  • This role provides a unique opportunity to work with top-tier security technologies
  • A stimulating work environment at the heart of an entrepreneurial and international culture
  • A transversal approach to our activities, which encourages teamwork and excellence
  • Numerous opportunities for advancement (horizontal, vertical and international mobility)
  • Annual salary increases on the anniversary date to reward performance
  • Multiple training opportunities (internal university, certifications)
  • Certified Happy at Work, we offer a good life balance with telecommuting possibilities
  • A friendly work environment (quarterly team activities, annual international seminar)

See you soon at HR Path!

Job Tags

Remote job
