Systems Integrator Senior

Explore exciting open positions in the IT and Telecom Networking Industry today.

The qualified candidate(s) will support an internal project “SOC Core Log Ingestion” and be responsible for coordinating and facilitating log ingestion deliverables with both the System Administrator and in collaboration with various Bell business units (BU). The log ingestion packages are to be deployed onto servers and security equipment.

Day-to-day responsibilities:

• Participate in developing log ingestion packages for Windows OS, Linux, and other security equipment.
• Validate proper reception of logs coming from servers and security equipment.
• Develop and maintain parsers in SIEM connectors to ensure logs are properly formatted and normalized per data schemas.
• Apply foundational security knowledge to ensure that events with security value reach the SOC, while also protecting the infrastructure from being overloaded.
• Ensure proper documentation for packages developed. Assist with support handoff to deployment support teams.
• Develop service monitoring capabilities in alerting or visualization formats to ensure SOC log services are in high availability.
• Provide support to various customers for log delivery via service desk.
• Participate in various meetings such as daily stand-ups, project reports, and status calls.

Required Skillsets:

• Experience creating and customizing scripts (e.g., Python, Ruby, Powershell); basic Python experience is a must.
• Strong knowledge of monitoring, alerting, and telemetry solutions; Prometheus/AlertManager, Grafana, Zabbix, and Nagios experience are assets.
• Advanced experience in coordinating, developing, and deploying SIEM log packages.
• Knowledge of industry-standard SIEM platforms; 2+ years of hands-on experience, preferably with ArcSight or Elastic. Splunk, QRadar, etc., are acceptable.
• Exposure to DevOps tools and containerized services platforms; OpenShift experience is an asset.
• Experience with log delivery and monitoring in cloud platforms such as AWS, Azure, and Google Cloud is an asset.
• Must have advanced Windows & Linux OS security knowledge; the candidate must know how these operating systems function, as a security integrator, and how to obtain the security logs from Windows & Linux OS distributions.
• Understand and be able to configure log shippers (such as auditbeat, filebeat, winlogbeat); other experience such as Splunk light forwarders is acceptable.