Linux - SIEM Engineer
AlienVault - Cork, Ireland
Assisting customers (SOC Analysts, MSSPs, Security Researchers, IT personnel of large organizations) in the deployment, configuration and troubleshooting of AlienVault SIEM solutions - USM Appliance and the new, cloud-based, USM Anywhere solution.
Assisting customers with their queries regarding all the open source projects and protocols used by those solutions. Non-exhaustive list: Suricata, Syslog, OpenVAS, OSSEC, Nmap, PRADS, Nagios, NetFlow, Ansible, Redis, RabbitMQ, MySQL, Apache, Postfix, Debian administration.
Creation of custom reporting, threat intelligence directives and policies, incident response.
Responsible for an internal canary system to proactively alert some of the biggest clients about issues within their deployment.