Vacancy expired!
- Onboard and parse new data sources into SaaS SIEM
- Monitor and maintain SIEM log ingestion and log forwarding servers
- Partner with SOC to migrate required analytics and content (feeds, watchlists, rules, etc.) from existing on-prem SIEM to new SaaS environment
- Provide platform support and engage vendor as needed
- Work with SOC Automation team to integrate SOAR platform
- Monitor environment availability/performance and work to improve efficiency/effectiveness
- Prepare/update technical engineering and operational documentation
- Meet with SOC Incident Response and Cyber Hunt teams to review improvement opportunities and take action on those requests
- Actively contribute as a member of the SIEM/UEBA engineering team to continually improve and mature the platform
- Securonix
- RSA NetWitness
- Cortex XSOAR
- Elastic
- Linux
- Python
- JSON
- Minimum of 3 years of IT Security experience
- Proven effectiveness within large/diverse operating environments
- Creative problem-solving and good interpersonal skills
- Possess presence and credibility to act as a domain specialist
- Proven experience engineering and operating complex SIEM/UEBA platforms
- Experience with Linux OS and scripting languages, such as Python
- Experience in security monitoring, log management (ingesting, parsing, enriching, filtering), and incident response principles
- Bachelor's degree is preferred
- Industry certifications, such as CISSP