Vacancy expired!
Threat Detection Engineer/SIEM Administrator
Location: Long Beach, California
Duration: 6-12 Months / Possible CTH
Rate: DOE
Seeking a Threat Detection Engineer/SIEM Administrator to work for us supporting the end client remotely until the office is safe to reopen (post COVID-19 restrictions). This is expected to be a long-term engagement.
In this Role:
The Threat Detection Engineer/SIEM Administrator works as a member of the Cyber Operations Team. The primary focus for this role is to operate and maintain robust analytics/detection infrastructure that supports the team's threat monitoring capabilities and triage efforts across a suite of security monitoring tools. The candidate will be a subject matter expert on the design, implementation, deployment and maintenance of scalable security monitoring systems and processes, with an emphasis on creating a high signal-to-noise ratio for alerts.
The successful candidate will possess deep tactical knowledge of SIEM administration and deployment, including:
- Design and engineering of large, performant and distributed cybersecurity systems
- Aggregation, normalization and enrichment of various event feeds and sensor data
- Development and testing of new heuristic/correlation detection rules
- Development of new search filters & dashboards
- Event detection and response tuning
- Data Warehouse tuning & optimization
- Integration of diverse cyber threat intelligence sources
- Network/Systems forensics and intrusion analysis
- Incident timeline construction and root cause analysis
- Advanced PCAP Analysis
- Malware Analysis & Reverse Engineering
- Advanced scripting & Automation
- Network Pen Testing
- Advanced Threat hunting using framework (such as HELK)
- Bachelor's degree in Computer Science. An advanced degree is preferred.
- Strong experience in Cyber security, including at least 4 years in SIEM administration, parser development, cybersecurity content development, and log analysis.
- Holding one of the following certificates: (a) Certified Integrator/Administrator (various SIEMs), (b) Certified Ethical Hacker (CEH), (c) CCNA
- Analyze, troubleshoot, and remediate issues with the SIEM.
- Understands common protocols such as DHCP, LDAP, SNMP, SMTP, HTTP and SSL.
- Understanding of log formats and source data for the SIEM.
- Develop and enhance SIEM rules, queries, filters, dashboards, reports, channels and customized lists.
- Solid experience developing custom parsers.
- Deep experience on integration of SIEM with other systems.
- Must have solid information security and threat intelligence knowledge