Log Management Specialist

📣 Qim info ?

Qim info is an IT services company based in Switzerland for more than 15 years.

Our agencies in Geneva, Lausanne, Basel and Zurich in Switzerland as well as Annecy in France, together already counts 473 consultants and we are always looking for new talents to join our growing and ambitious company.

At the end of 2021, Qim info obtained the Happy at Work® label !

And ranks 3rd in the ICTJournal ranking in 2022.

📌 In few words

We’re looking for a Log Management Specialist for an international organization based in Geneva, with a strong experience with Splunk. This role is pivotal in designing, building, and contributing to Cyber Security controls with log management (including Splunk and Cribl).

🎯Activities

1. Design and plan each application logs onboarding in order to monitor suspicious

activities. For each and every log:

✓ Identify retention period with the security team (CSTP).

✓ Identify the index and who need to access the index.

✓ Identify the collection method (agent, api call, etc ).

✓ Define Splunk metadata (source and source type).

✓ Ensure unnecessary logs are not ingested (Cribl will be used for this purpose).

✓ Document and maintain according to the standards.

2. In collaboration with practice leads and product owners identify all the relevant logs

that will need to be onboarded to Splunk.

✓ Outcome: Build an inventory identifying format and the location.

3. Develop detection rules in Splunk.

✓ Based on CSTP detection and monitoring rules write Splunk queries that will be

used for alerting.

4. Coordinate with internal teams to identify admin owners for 21 critical applications.

5. Engage with Cyber Security team to implement log management processes which

prevent potential threats or unauthorized actions.

6. Contribute to the project team for validation of the roadmap for the cyber controls.

💼 Your profil

• University degree: A university degree in a technical field, complemented by a

minimum of 5 years of experience in administering primarily on-premises based multi-user environments. This should include expertise in planning, designing, building, and

implementing complex systems tailored for log management and analytics.

• Experience in Log Management solutions: Strong background in Splunk. This includes

expertise in log collection, processing and visualization.

• Deep knowledge of SPL: Write rules queries in Splunk that will be used for alerting.

ASSETS

• Cloud Services: Experience working with cloud providers, particularly Azure, in

deploying and managing log management solutions (Splunk, Elastic) and related

services in the cloud.

• Infrastructure Automation: Proficiency in infrastructure automation and provisioning

tools, such as PowerShell and Ansible playbooks, to automate the deployment and

management of log management solutions.

• Project and process management tools: Experience using project and process

management tools (agile methodology such as SCRUM), such as Microsoft TFS, particularly in the management of Product Backlog Items (creation, follow-up).

🏆 Job conditions

💥Your recruitment

🙌 Why choose Qim info ?

🛠 Recognized IT expertise in the world of consulting with an activity focused around ten business sectors

🤜🤛 Proximity and quality HR & managerial follow-up with our consultants to support them in their skills development and in their daily mission

🥳 Joining us is also sharing more than a coffee break! Qim tech talks, company evenings, Qim info Weekend… many events are organized each year, enough to create beautiful memories together!

🔎 Want to know more ?

We look forward to your application 😊

Porté par nos valeurs humaines et notre sens du service, nous vous aidons à trouver votre équilibre dans votre vie professionnelle et personnelle. Nos Business Unit Manager vous donnent accès à divers outils pour gérer et faire progresser votre carrière afin de vous accompagner dans la concrétisation vos propres buts.

Votre profil est unique et c’est pour cette raison que vous avez été recruté.e. Ici, dès le premier jour, tout est mis en œuvre pour vous permettre de réaliser vos ambitions.

Parce que notre collaboration va bien au-delà d’une mission ou d’un projet, nos équipes vous proposeront régulièrement des formations, en adéquation avec votre projet professionnel.

Votre contrat vient de se terminer ? Nous vous assurons un maintien de votre vie professionnelle au sein de notre équipe et la continuité de votre salaire.

Petite ou grande victoire. Nous avons toujours une bonne occasion pour faire la fête ensemble.