Job Details

ID #15678799
State California
City Long Beach
Job type Contract
Salary Depends on Experience (USD)
Source Matchpointe Group
Showed 2021-06-21
Date 2021-06-11
Deadline 2021-08-10
Category Et cetera

Threat Detection Engineer

Long Beach, California 90801, USA

Vacancy expired!

Threat Detection Engineer/SIEM Administrator
Location: Long Beach, California
Duration: 6-12 months / possible contract-to-hire (CTH)
Rate: DOE

Seeking a Threat Detection Engineer/SIEM Administrator to work for us supporting the end client. The role is remote until the office is safe to reopen (post COVID-19 restrictions). This is expected to be a long-term engagement.

In this Role:
The Threat Detection Engineer/SIEM Administrator works as a member of the Cyber Operations Team. The primary focus of this role is to operate and maintain a robust analytics/detection infrastructure that supports the team's threat monitoring and triage efforts across a suite of security monitoring tools. The candidate will be a subject matter expert on the design, implementation, deployment and maintenance of scalable security monitoring systems and processes, with an emphasis on a high signal-to-noise ratio for alerts. The successful candidate will possess deep tactical knowledge of SIEM administration and deployment, including:
  • Design and engineering of large, performant and distributed cybersecurity systems
  • Aggregation, normalization and enrichment of various event feeds and sensor data
  • Development and testing of new heuristic/correlation detection rules
  • Development of new search filters and dashboards
  • Event detection and response tuning
  • Data warehouse tuning and optimization
  • Integration of diverse cyber threat intelligence sources
The candidate should have a strong intuition for curating and integrating useful "observables" from network/host sensors, both for developing detection rules and for incident analysis. The candidate will be expected to balance economy with completeness when integrating data sources into the SIEM; the ability to articulate what a given data source contributes to the analysis and response of a particular threat scenario is highly valued. Although not the primary focus, the candidate should have prior experience with security incident analysis, investigation and remediation at a tier 2 level or higher. To drive effective improvement of threat detection systems and processes, the candidate should also possess at least one of the following complementary skillsets:
  • Network/Systems forensics and intrusion analysis
  • Incident timeline construction and root cause analysis
  • Advanced PCAP Analysis
  • Malware Analysis & Reverse Engineering
  • Advanced scripting & Automation
  • Network Pen Testing
  • Advanced threat hunting using a framework such as HELK
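The SIEM duties listed above (aggregating and normalizing heterogeneous event feeds, enriching them with threat intelligence, and writing correlation rules that keep the signal-to-noise ratio high) shown end-to-end as an added example. This code is not part of the posting and does not come from any named SIEM product; the log lines, the Windows event JSON layout, the threat-intelligence list, the scanner allowlist and the rule thresholds are all constructed for illustration.

```python
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample input: OpenSSH syslog lines plus Windows Security events
# (4624 = logon success, 4625 = logon failure) exported as one JSON object per
# line. All hosts, users and IPs are made up (documentation address ranges).
SAMPLE_LINES = [
    "2021-06-11T09:00:01Z bastion sshd[812]: Failed password for root from 203.0.113.7 port 50122 ssh2",
    "2021-06-11T09:00:04Z bastion sshd[812]: Failed password for root from 203.0.113.7 port 50123 ssh2",
    "2021-06-11T09:00:07Z bastion sshd[812]: Failed password for admin from 203.0.113.7 port 50124 ssh2",
    "2021-06-11T09:00:15Z bastion sshd[812]: Accepted password for admin from 203.0.113.7 port 50125 ssh2",
    "2021-06-11T09:01:00Z bastion sshd[812]: Failed password for alice from 198.51.100.9 port 40001 ssh2",
    "2021-06-11T09:03:00Z bastion CRON[901]: (root) CMD (run-parts /etc/cron.hourly)",
    '{"ts": "2021-06-11T09:02:00Z", "host": "dc01", "EventID": 4625, "TargetUserName": "svc-scan", "IpAddress": "192.0.2.200"}',
    '{"ts": "2021-06-11T09:02:01Z", "host": "dc01", "EventID": 4625, "TargetUserName": "svc-scan", "IpAddress": "192.0.2.200"}',
    '{"ts": "2021-06-11T09:02:02Z", "host": "dc01", "EventID": 4625, "TargetUserName": "svc-scan", "IpAddress": "192.0.2.200"}',
    '{"ts": "2021-06-11T09:02:05Z", "host": "dc01", "EventID": 4624, "TargetUserName": "svc-scan", "IpAddress": "192.0.2.200"}',
    '{"ts": "2021-06-11T09:02:30Z", "host": "dc01", "EventID": 4625, "TargetUserName": "bob", "IpAddress": "192.0.2.55"}',
]

# Constructed enrichment data: a threat-intel indicator list and an allowlist of
# the organisation's own vulnerability scanners, a classic source of alert noise.
THREAT_INTEL_IPS = frozenset({"203.0.113.7"})
KNOWN_SCANNERS = frozenset({"192.0.2.200"})

SSHD_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port \d+"
)
WIN_OUTCOME = {4624: "success", 4625: "failure"}


def parse_ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def parse_sshd(line):
    """Parser for OpenSSH password-auth lines -> common schema, or None."""
    m = SSHD_RE.match(line)
    if not m:
        return None
    return {"ts": parse_ts(m["ts"]), "host": m["host"], "user": m["user"],
            "src_ip": m["ip"], "source": "sshd",
            "outcome": "success" if m["outcome"] == "Accepted" else "failure"}


def parse_windows(line):
    """Parser for the constructed JSON export of Windows logon events -> common schema, or None."""
    try:
        rec = json.loads(line)
    except ValueError:
        return None
    if rec.get("EventID") not in WIN_OUTCOME:
        return None
    return {"ts": parse_ts(rec["ts"]), "host": rec["host"], "user": rec["TargetUserName"],
            "src_ip": rec["IpAddress"], "source": "windows-security",
            "outcome": WIN_OUTCOME[rec["EventID"]]}


def normalize(lines):
    """Aggregate both feeds into one schema, dropping lines no parser claims, ordered by time."""
    events = [ev for ev in (parse_sshd(l) or parse_windows(l) for l in lines) if ev]
    return sorted(events, key=lambda e: e["ts"])


def enrich(events, ti_ips):
    """Tag each event with whether its source IP is a known threat-intel indicator."""
    for ev in events:
        ev["ti_match"] = ev["src_ip"] in ti_ips
    return events


def correlate(events, threshold=3, window=timedelta(seconds=60), suppress_ips=frozenset()):
    """Rule: >= threshold failures from one (src_ip, host), then a success for the same
    pair within `window`. Sources on the allowlist are suppressed to keep noise down;
    TI-matched sources are raised to high severity."""
    failures = defaultdict(list)          # (src_ip, host) -> failure timestamps
    alerts = []
    for ev in events:
        key = (ev["src_ip"], ev["host"])
        if ev["outcome"] == "failure":
            failures[key].append(ev["ts"])
            continue
        recent = [t for t in failures.pop(key, []) if ev["ts"] - t <= window]
        if len(recent) >= threshold and ev["src_ip"] not in suppress_ips:
            alerts.append({"rule": "auth_bruteforce_then_success", "src_ip": ev["src_ip"],
                           "host": ev["host"], "user": ev["user"], "failures": len(recent),
                           "severity": "high" if ev.get("ti_match") else "medium",
                           "ts": ev["ts"].isoformat()})
    return alerts


def run_pipeline(lines=SAMPLE_LINES, ti_ips=THREAT_INTEL_IPS, suppress_ips=KNOWN_SCANNERS):
    return correlate(enrich(normalize(lines), ti_ips), suppress_ips=suppress_ips)


if __name__ == "__main__":
    for alert in run_pipeline():
        print(json.dumps(alert))
```

Run as-is, the pipeline emits a single high-severity alert for 203.0.113.7 against bastion; the scanner's identical failure/success pattern on dc01 is suppressed by the allowlist, and the lone failures from alice and bob never reach the threshold. Removing the allowlist shows the trade-off the posting calls "economy versus completeness": the same rule then fires a second, medium-severity alert that an analyst would have to triage and dismiss.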

Required Education and Experience
  • Bachelor's degree in Computer Science; an advanced degree is preferred.
  • Strong experience in cyber security, including at least 4 years in SIEM administration, parser development, cybersecurity content development and log analysis.
  • Holds one of the following certifications: (a) Certified Integrator/Administrator (various SIEMs), (b) Certified Ethical Hacker (CEH), (c) CCNA.
  • Able to analyze, troubleshoot and remediate issues with the SIEM.
  • Understands common protocols such as DHCP, LDAP, SNMP, SMTP, HTTP and SSL/TLS.
  • Understands log formats and source data for the SIEM.
  • Able to develop and enhance SIEM rules, queries, filters, dashboards, reports, channels and custom lists.
  • Solid experience developing custom parsers.
  • Deep experience integrating the SIEM with other systems.
  • Must have solid information security and threat intelligence knowledge.
