At Generali Operations Service Platform, the Security Detection Unit plays a strategic role in safeguarding the Generali Group’s digital assets. We manage and continuously evolve a sophisticated SIEM architecture that supports over 50 legal entities across multiple time zones. Our mission is to ensure strong detection capabilities and swift responses to cyber threats, working closely with the Security Operations Center (SOC), Cyber Security Incident Response Teams (CSIRTs), and key IT stakeholders.
We are seeking a skilled and proactive SIEM Specialist to join our team. In this role, you will oversee the daily operations, development, and strategic evolution of our SIEM platforms. You will also play a key part in our transition towards a cloud-native security architecture, contributing to the modernization of our detection capabilities.
Following an initial onboarding phase, you will operate with a high degree of autonomy, actively shaping detection strategies and supporting transformation initiatives across the Group.
Main tasks
* Monitor and maintain SIEM platform health through daily checks and performance assessments
* Integrate new log sources in line with internal requirements and customer needs
* Administer and optimize SIEM components to ensure scalability, reliability, and operational efficiency
* Design and implement advanced detection use cases and correlation rules aligned with Group Cybersecurity strategy
* Identify and troubleshoot log source outages, coordinating with platform owners to ensure continuity
* Collaborate with SOC teams to fine-tune detection logic and enhance alert quality
* Participate in strategic projects to expand SIEM coverage and migrate to cloud-based solutions
* Generate periodic reports and KPIs to monitor platform performance and evaluate detection effectiveness
* Contribute to the SIEM roadmap, aligning with evolving security requirements and technological advancements
* Foster collaboration with cybersecurity teams across GOSP and customer entities to ensure cohesive operations
Requirements
Our ideal candidate will meet the following requirements:
* Degree in Computer Science, Cybersecurity, or equivalent professional experience
* Proven experience (2–5 years) in managing and operating SIEM platforms, preferably in enterprise environments
* Strong understanding of IT infrastructure (networks, operating systems, cloud environments) and experience in integrating diverse log sources (e.g., firewalls, endpoints, cloud services, identity providers)
* Proficiency in designing and implementing detection use cases, correlation rules, and dashboards
* Understanding of MITRE ATT&CK framework and threat detection methodologies
* Solid knowledge of networking protocols, operating systems (Windows/Linux), and cybersecurity fundamentals
* Familiarity with cloud-native security architectures and migration strategies (e.g., Azure, AWS, GCP)
* Proven expertise in Splunk ES; familiarity with Google SecOps, IBM QRadar, Microsoft Sentinel is a plus
* Experience with scripting/programming languages (e.g., Python, PowerShell) for automation and data manipulation
* Intermediate English proficiency (CEFR B1 or higher)
* Willingness to travel occasionally within Europe
Skills
* Strong communication and interpersonal skills in a multicultural environment
* Ability to work independently and manage priorities effectively
* Analytical mindset with attention to detail and adaptability to changing requirements
* Team-oriented approach with a proactive attitude toward problem-solving
* Passion for cybersecurity and continuous learning
Preferred Certifications
* Splunk Core Certified Advanced Power User
* Splunk Cloud Certified Admin
* Splunk Enterprise Certified Admin / Architect
* Other relevant cybersecurity certifications (e.g., CISSP, GIAC, CompTIA Security+) are a plus
Locations
Mogliano Veneto, Trieste
Company Profile
Generali is a major player in the global insurance industry – a strategic and highly important sector for the growth, development and welfare of modern societies. Over almost 200 years, we have built a multinational Group that is present in more than 60 countries, with 470 companies and nearly 80,000 employees.
GOSP - Generali Operations Service Platform is a joint venture between Generali and Accenture and provides IT and Procurement services to Generali Group companies. Our purpose is to accelerate the Group's innovation and digitization strategy through the Cloud and shared platforms. Based in Italy, it has 6 branches across Europe and employs about 1.000 people.