Madrid, ES Wroclaw, PL
SIEM Junior Engineer
Description
Ryanair Holdings plc, Europe’s largest airline group, is the parent company of Buzz, Lauda, Malta Air & Ryanair DAC. Carrying over 154m guests p.a. on more than 2,400 daily flights from 82 bases, the group connects over 200 destinations in 40 countries on a fleet of over 475 aircraft, with a further 210 Boeing 737s on order, which will enable the Ryanair Group to lower fares and grow traffic to 200m p.a. by FY24. Ryanair has a team of over 19,000 highly skilled aviation professionals delivering Europe’s No.1 on-time performance, and an industry-leading 34-year safety record. Ryanair is Europe’s greenest, cleanest airline group, and customers switching to fly Ryanair can reduce their CO₂ emissions by up to 50% compared to the other Big 4 EU major airlines.
Ryanair Labs is the technology brand of Ryanair, a tech start-up within a legacy airline. Our digital hubs are located in Dublin, Madrid, and Wroclaw, along with our newest location, Portugal. With big plans to digitally revolutionise the travel industry, Ryanair Labs has embarked on its mission to become the Amazon of Travel with an encompassing Trip's platform.
Responsibilities
- Perform log integrations from connectors across all the organization, including a wide variety of technologies and hybrid environments (cloud and on-premises).
- Implement detection rules for threats in our environment based on threat intelligence reports and knowledge of TTPs.
- Maintain the SIEM architecture to ensure performance and health of the cluster.
- Develop automation mechanisms to improve the security monitoring process.
- Write clear and concise documentation, at both technical and executive level, that can be used to improve the overall security posture.
- This role is well-fitted for a junior profile who is willing to take the next step to be involved in the security monitoring process of the company.
Requirements
- Programming skills to develop scripts, API connectors and automations to support existing deployments.
- Experience of 2-3 years at the most.
- Familiarity with, or basic knowledge of, log collection tools (Logstash, Fluentd, Beats, etc.) and SIEM platforms (Sentinel, Splunk, QRadar, ELK, etc.).
- A background in information security is an advantage.
- Good analytical skills, with the ability to identify which logs need to be examined for each kind of research.
Benefits
- Flight Benefits
- We believe in a hybrid working model: you can work up to three days per week remotely, and you will also enjoy the excellent work environment at our modern offices in the heart of Madrid/Wroclaw.