Senior Cybersecurity Analyst - SIEM
General Information

Req #: 100015652
Career area: Information Technology
Country/Region: Brazil
State: São Paulo
City: Sao Paulo
Date: Friday, January 31, 2025
Additional Locations:
* Brazil

Why Work at Lenovo

We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY). 
To find out more, visit www.lenovo.com and read about the latest news via our StoryHub.

Description and Requirements

Primary Responsibilities

* Provide engineering, operation and enhancement of the SIEM, SOC platform tools, and data collection and analysis systems.
* Develop, deploy, and tune tool content and reporting.
* Assist in the design, architecture and implementation of use cases, detection rules, integrations and workflow automation.
* Analyze the existing use case catalogue and the correlation rules and automation workflows implemented.
* Cooperate with other team members in correlation search development and testing.
* Prepare correlation search tests, conduct them, and document the test evidence showing that the correlation search addresses the scenario described in the use case.
* Cooperate with the log source onboarding project to ensure correct log source onboarding and mapping of logs to data models according to SOC tool best practices.
* Responsible for the creation of procedures, runbooks and high-level/low-level documentation, the implementation of processes, and the development of staff in relation to SOC tool detection logic.
* Provide expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems and SOC tools.

Knowledge and skills

* 3+ years of hands-on SIEM experience.
* Direct experience with SOC tool engineering and data integration.
* Scripting and development skills in Python/Perl with a deep comprehension of regular expressions.
* General networking and security knowledge.
* Experience with building intricate searches from disparate data sources and joining them together.
* Versed in building threat detections (correlation rules) using security logs to detect malicious activity with high fidelity.
* Knowledge of security logging for Linux, Windows, major EDRs, firewalls, and Active Directory.
* The ability to aggregate and analyze logs from various deployed security devices.
* Familiarity with DevOps and cloud computing service providers (AWS / Azure).