|
Job Title
Cyber Security SIEM Engineer
Job Description
• Administer, operate, and maintain SIEM environment, including installation, configuration, tuning, and maintenance of SIEM components, such as: event collectors, loggers, correlation engine, and databases
• Upgrade and patch the SIEM and other security platforms to the latest versions
• Develop processes and documentation to magnify the benefits of existing tools
• Perform security gap analysis in support of new products as well as the tuning of existing tools
• Work with internal customers to develop requirements to meet their security objectives related to Log Management and SIEM
• Provide Security Consulting services to their IT and other Business Units
• Create collaborative environment that encourages growth and information sharing including mentoring and educating team members
• Review current reporting and compliance goals, and verify reports to ensure they are meeting these goals
• Provide the highest level of support for all products offered by Security Operations
Travel
Job Type
Regular
Date Required
Job Requirements
• Expert-level understanding and knowledge of the principles of log management and preferably the McAfee (Nitro) SIEM toolset
• Experience planning, scaling, implementing, monitoring, and troubleshooting an SIEM environment
• Expert-level knowledge of the OSI model
• Knowledge of core security principles and tool management that is product agnostic
• Clear understanding of Windows AD logs, SQL and Oracle events
• Excellent problem-solving and technical skills dealing with technical users
• Must possess the ability to provide best practices subject matter expertise regarding log management system integration, alerting and reporting.
• High analytical skills: must be able to perform analysis and tuning of all incoming security events for threat detection, and increase the efficiency of processing, maximize true threat identification, and ensure accurate reports for auditing. Has the ability to draw meaningful conclusions from reported events, and implement appropriate reporting.
• Required to understand the business and technical requirements, architecture and design specifications and developing the associated content and documentation.
• Detail-oriented, self-motivated and disciplined, with excellent time management skills
• 5+ years of Information Technology experience
• 4+ years of Information Security experience
• 3+ years administrative experience deploying, configuring, troubleshooting, and maintaining SIEM components
• 3+ years engineering experience creating correlation, dashboard, and reporting content using SIEM
• Advanced knowledge of content creation concepts and best practices
• Advanced networking experience
• Excellent problem-solving and technical skills
• Experience with any combination of the following: Visio, Syslog, Syslog-NG, TCP/IP, Networking, Linux/Unix, Windows, OSX, Active Directory, Event Analysis, NIST standards and guidelines, Database Activity Monitoring, MS SQL, Oracle, SAN architecture, firewalls, IPS/IDS, A/V, advanced networking, McAfee |
